last executing test programs:

5.297442565s ago: executing program 4 (id=2071):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000000280)={[{@barrier}, {@autodefrag}, {@ref_verify}, {@max_inline={'max_inline', 0x3d, [0x54]}}, {@skip_balance}, {@discard}, {@max_inline={'max_inline', 0x3d, [0x31, 0x39]}}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55a3, &(0x7f0000023c40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
ioctl$KVM_CAP_HALT_POLL(0xffffffffffffffff, 0x4068aea3, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x46b42, 0x0)
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
r3 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
lseek(r3, 0x0, 0x0)
write$cgroup_devices(r3, &(0x7f0000000000)=ANY=[], 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000440)=0x10000000000002)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f000000ac40)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pwrite64(r1, 0x0, 0x0, 0x3)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x4, 0x0, 0x0, 0xfffffffd, 0x12, "0000000000dfff000000000006bb8d8d00"})
syz_genetlink_get_family_id$nl80211(0x0, r3)
syz_open_pts(0xffffffffffffffff, 0x48f00)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
write$cgroup_int(r5, &(0x7f00000000c0), 0x12)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)

4.312255655s ago: executing program 1 (id=2074):
r0 = memfd_create(&(0x7f0000000380)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8\x80kR\xfc\xcb%u3\xec\xde%\x00\xb1\x9aF\xe2\xc2\xc8\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11iW\x9ce\x91\x17\xd8\xda@4\x9f\xc5\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%\xf3z\xe3_\xde\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9f\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D\x82`\xea\x16\xc6\xcef\xab\x05\x19\x02\x00\x00\x00\x00\x00\x00\x00\x9a\x15\x91\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9J\x02\x1d\x91\x99\xa6\tG\xc5Dy\xcdd-\xc99\t&\xbdq\x06`Tx\x00\x00\x00#\xd8b\x90\xeb\f\x9f\t5\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcalY\x9a}\r4\xac\x93\xac\v2\xe6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94 2.{\xc1\xbe\x9b\x04\x00\x00\x00\xb9E\x10W\xed\xed51[\xc5\xeb\xb1ux\x94\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xdem\xe3+q:3\xfa*\x98o\'f\xbcY\x8e?\xf9\x84y\x89Y\x1c]\xad$\x7fp\xf1\xa3\x99[\xff\x1f\x94\x0ej\xbaG\xa6UD\x88Y6\x11Y\xd4\xd1\xde\x9a{]\xe2\x98W\xb9\x13\x17<\x8b!?\x8e\xbc\xae\xf9\xcc\b\x90n\x15\x7f\xd5WS\xfbN\xec)B\xe7R\xa5\xd7O\x839}\xcc\xbc0\xdb\xd6\xbd\x9c\x05l\xfc.\xf4\xbbeF\xa3\xea}\xf1\x86z\xca\xad\x82\xd9IRV5\xa77\'\x1a\x1c\x89\xef:\xee\x10\xb2\xd6\xc8\xf4\xb5\xdd\xd8c!@JRY\xa3|Pjk\xdc\xa5d\xddXv\xc9\x1322L\xd6\x99\xf6\t\x9d\xbeZ\x02\xc0\xa41\xf9sNG\x02\x83\xe6Bl\xd2\x02\xfb[\x82\xc0I\xb7\xf6\xe5Z\xa1}\xee}\x8b\x89\x04\x8a\'\xc7J\xca\xdf:\x8ft\xe0\xf8\a]>\x9b6\xd0B0\x1aT\xa9\x1a\xb6\xfd}\x9cU[\x01W3C\xef\xfd\xef#\x8292\xf3P\x0e\x17\xa6a=\xbeZ\x87\xbe\xa2[|\xb8\xa8<?\xc3v#|\xf9\xcf\x1fut\xc2\xc0\xbci\xbb\xf7c\xb6\x94\x8e*\x00\x00\x00\x00\x00\x00\x00\x8c\x0f\xa2\x96\x00\x00\x009B\xab\x13;\xde\x9e\xfc\vFP\x8d\x1e\x17\xc4\\y\x1f\xc8Dg\xf6h\xccR0\xd9\x86\xc0\x00\x00\x00K\x11R\xc8\xce\x1c\x15\x80M\xec\xbf\xd89\t,\x15\x9a\xedg\x06\xb0\xe07x=\x87\x18A\x81\x1drQ\x01\xcaZF\x9fN\x1c\n\x8e\xdd\x15\xa40i2\xcc\x8bZ{;~o\xb1|\xc1\x12\x94\xda\x00'/790, 0x0)
rt_sigreturn()
poll(0x0, 0x0, 0x6c)
rt_sigreturn()
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x0, &(0x7f0000ffd000/0x1000)=nil)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x11, r0, 0x0)
fallocate(r0, 0x0, 0x0, 0x800000b)
r1 = socket(0x1, 0x2, 0x0)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0x8910, 0x20000000)

4.177875114s ago: executing program 1 (id=2075):
r0 = msgget$private(0x0, 0x0)
msgrcv(r0, 0x0, 0x0, 0x0, 0x0)
msgctl$IPC_RMID(r0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
accept$unix(0xffffffffffffffff, 0x0, 0x0)
mlockall(0x1)
msgget(0x1, 0x0)

2.794574917s ago: executing program 2 (id=2078):
r0 = epoll_create(0x7)
ioctl$TCXONC(r0, 0x5450, 0x0)

2.693599238s ago: executing program 2 (id=2079):
r0 = shmget(0x0, 0x1000, 0x200, &(0x7f0000ffd000/0x1000)=nil)
msgctl$MSG_STAT(r0, 0xb, &(0x7f0000000080)=""/248)

2.547423347s ago: executing program 2 (id=2080):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab", 0x1)

2.404348699s ago: executing program 1 (id=2081):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000a7080000000000007b8a20ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b6000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.258690109s ago: executing program 1 (id=2083):
syz_open_dev$MSR(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x280008a, &(0x7f00000001c0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c666c7573682c726f6469722c726f6469722c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c001762a07a915c8f6c3378b924fc250bdae45cd22bb33f29d72cf1c8410df88b83b9710b49374a748455718cc4af5f3ced9aa10632d595e9c8c3a89f41b650b9ebd4886ae65bf02b7c8ea4e76ef2cc241ac9f89f2753df98db0ba9558c753363f296424ec60e703fac2db7e9f31283852e115cf6acb8d77b3e5d68"], 0x97, 0x2b3, &(0x7f00000005c0)="$eJzs3U9rK1UUAPAzaTqJukgEVyI4oAtX8vq2blKkDx5mpWShLvTBewVpgtBCwT84duVWFy7duhEEd34JP4TgVnBnwcLIZGZMG5OQFNP66O+36e2dc+aee2dK6SKnH740OXqcxeHZ579Gt5tEaxCDOE+iH61ofBlXDL5uRq0AAJ5C50URfxSVTfKSiOhurywAYIs2/v3/09ZLAgC27J1333trfzg8eDvLuvFg8tXpqPzLvvxaXd9P68B70YuLiOIf1fhBURR5Oyv149VJfjoqMycf/FKn7f8eEeN4EnvRi/506mr+w+HBXla5lJ+XdTxb5h/GR4My/3704oUF6z8cHtyfz08meYzSeO2VKr9c/5m6no9jHI+nRVT50Yr4Yi/L3iy+/fOz98uIcv0kPx11pnEzxc4NPRIAAAAAAAAAAAAAAAAAAAAAAO6A1+veOZ2Y9u8pp+r+OzsX5Te7kTX6V/vzVPlJc6O5/kB5Ed81/XnuZVlW1IGz/Ha82I727ewaAAAAAAAAAAAAAAAAAAAA/l9OPvn06NF4/OT4Pxk03QCaj/Vf9z6DSzMvx+rgzmytVj1ccefYaWKSiJVllJtYu+a/6rYH1zu655fV/MOPa9/n+/m9Hy4L3l11PrNB+Qyv+yY0b9fRo2TxGXaimek2L8nPl2PSWHOtdNmlYqPXL114qbfx3tPnpoN8RUwkqwp747fq5OqZZH4X6fRUF6bv1oNY9uC6i57FN0t/Uv4l0a0DAAAAAAAAAAAAAAAAAAC2avah3wUXz1amtorO1soCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBs1+///GwzyOnmN4DSOT255iwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANwBfwcAAP//KhZeaA==")
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

2.17740942s ago: executing program 2 (id=2085):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$inet6(0xa, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(&(0x7f0000000500), 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)

1.993930342s ago: executing program 0 (id=2087):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setownex(r0, 0xf, &(0x7f00000000c0)={0x41c21c49b1a76e92})
open_tree(r0, &(0x7f0000000100)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x40000000000ead}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
preadv(r2, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/30, 0x1e}], 0x1, 0x80000001, 0x0)

1.941406145s ago: executing program 1 (id=2088):
r0 = add_key$fscrypt_v1(0x0, &(0x7f0000000480), &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = socket$alg(0x26, 0x5, 0x0)
sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454ca, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x8, 0x4000, @fd=r2, 0x20, 0x8, 0x200})
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r4, 0x3)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r6 = accept4(r4, 0x0, 0x0, 0x0)
sendmmsg(r6, &(0x7f0000001500), 0x588, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r1, 0x5761, &(0x7f0000000680)=ANY=[@ANYBLOB="010000000000000000000000deff000000000000000000b2000000000000004000"/52])
r7 = syz_open_dev$vim2m(&(0x7f0000000080), 0x107, 0x2)
ioctl$vim2m_VIDIOC_QBUF(r7, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r7, 0x40045612, &(0x7f0000000000)=0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r8, 0x541b, &(0x7f0000000000)={<r9=>0xffffffffffffffff})
close_range(r9, 0xffffffffffffffff, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x0)
keyctl$update(0x2, r0, &(0x7f0000000040)="b8", 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.412641997s ago: executing program 4 (id=2089):
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4), 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000340)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000010000100760100000475000000000000", @ANYRES32=r1, @ANYBLOB="9a"], 0x20}}, 0x0)

1.356196324s ago: executing program 0 (id=2090):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
write$binfmt_script(r1, &(0x7f0000000200)={'#! ', '', [{0x20, '#!2'}, {0x20, '#! '}, {0x20, '/proc/sys/net/ipv4/tcp_congestion_control\x00'}, {}], 0xa, "8855d1bef46f70e481dbdabbfc3bcc3f005c1079e7344e4392717247b88b05708cd1663511237737ac00004c03fa9d00005380"}, 0xfffffe59)
sendmsg$unix(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000002c0)='c', 0x1}], 0x1}, 0x0)
close(r1)
rt_sigreturn()
eventfd(0x0)
poll(0x0, 0x0, 0x64)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mknod(0x0, 0x0, 0x0)

1.307471427s ago: executing program 1 (id=2091):
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0)
rt_sigreturn()
getrandom(&(0x7f0000001340)=""/4099, 0xfffffffffffffe16, 0x0)

1.10425237s ago: executing program 0 (id=2093):
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000340), 0x8)
ioctl$KDMKTONE(r0, 0x5451, 0x0)

1.104016078s ago: executing program 2 (id=2094):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000980)={r0}, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x18, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000080007b8af8ff00000000b7080000800000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
pipe(&(0x7f0000000100))
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x50}}, 0x0)

1.103563161s ago: executing program 4 (id=2096):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000200), 0x6)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x0)
accept4$unix(r1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r1, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b8afcd6c", @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x41)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0), 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6)

979.775708ms ago: executing program 0 (id=2097):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c0200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x38}}, 0x0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x342, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

954.420846ms ago: executing program 0 (id=2098):
syz_open_dev$MSR(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x280008a, &(0x7f00000001c0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c666c7573682c726f6469722c726f6469722c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c001762a07a915c8f6c3378b924fc250bdae45cd22bb33f29d72cf1c8410df88b83b9710b49374a748455718cc4af5f3ced9aa10632d595e9c8c3a89f41b650b9ebd4886ae65bf02b7c8ea4e76ef2cc241ac9f89f2753df98db0ba9558c753363f296424ec60e703fac2db7e9f31283852e115cf6acb8d77b3e5d68"], 0x97, 0x2b3, &(0x7f00000005c0)="$eJzs3U9rK1UUAPAzaTqJukgEVyI4oAtX8vq2blKkDx5mpWShLvTBewVpgtBCwT84duVWFy7duhEEd34JP4TgVnBnwcLIZGZMG5OQFNP66O+36e2dc+aee2dK6SKnH740OXqcxeHZ579Gt5tEaxCDOE+iH61ofBlXDL5uRq0AAJ5C50URfxSVTfKSiOhurywAYIs2/v3/09ZLAgC27J1333trfzg8eDvLuvFg8tXpqPzLvvxaXd9P68B70YuLiOIf1fhBURR5Oyv149VJfjoqMycf/FKn7f8eEeN4EnvRi/506mr+w+HBXla5lJ+XdTxb5h/GR4My/3704oUF6z8cHtyfz08meYzSeO2VKr9c/5m6no9jHI+nRVT50Yr4Yi/L3iy+/fOz98uIcv0kPx11pnEzxc4NPRIAAAAAAAAAAAAAAAAAAAAAAO6A1+veOZ2Y9u8pp+r+OzsX5Te7kTX6V/vzVPlJc6O5/kB5Ed81/XnuZVlW1IGz/Ha82I727ewaAAAAAAAAAAAAAAAAAAAA/l9OPvn06NF4/OT4Pxk03QCaj/Vf9z6DSzMvx+rgzmytVj1ccefYaWKSiJVllJtYu+a/6rYH1zu655fV/MOPa9/n+/m9Hy4L3l11PrNB+Qyv+yY0b9fRo2TxGXaimek2L8nPl2PSWHOtdNmlYqPXL114qbfx3tPnpoN8RUwkqwp747fq5OqZZH4X6fRUF6bv1oNY9uC6i57FN0t/Uv4l0a0DAAAAAAAAAAAAAAAAAAC2avah3wUXz1amtorO1soCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBs1+///GwzyOnmN4DSOT255iwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANwBfwcAAP//KhZeaA==")
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

924.638816ms ago: executing program 2 (id=2099):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000000280)={[{@barrier}, {@autodefrag}, {@ref_verify}, {@max_inline={'max_inline', 0x3d, [0x54]}}, {@skip_balance}, {@discard}, {@max_inline={'max_inline', 0x3d, [0x31, 0x39]}}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55a3, &(0x7f0000023c40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
ioctl$KVM_CAP_HALT_POLL(0xffffffffffffffff, 0x4068aea3, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x46b42, 0x0)
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
r3 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
lseek(r3, 0x0, 0x0)
write$cgroup_devices(r3, &(0x7f0000000000)=ANY=[], 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000440)=0x10000000000002)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f000000ac40)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pwrite64(r1, 0x0, 0x0, 0x3)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x4, 0x0, 0x0, 0xfffffffd, 0x12, "0000000000dfff000000000006bb8d8d00"})
syz_genetlink_get_family_id$nl80211(0x0, r3)
syz_open_pts(0xffffffffffffffff, 0x48f00)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
write$cgroup_int(r5, &(0x7f00000000c0)=0x7, 0x12)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)

855.692007ms ago: executing program 0 (id=2101):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
poll(&(0x7f0000000180)=[{r0}], 0x1, 0xe37e)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0xfffc, @dev}], 0x10)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000200)=[{&(0x7f0000008500)="88", 0x34000}], 0x1}}], 0x1, 0x0)

616.319802ms ago: executing program 3 (id=2103):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000540), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703020059020001004e002f1eafbcf706e105000000894f000f1120ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada300c9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3332be2c236205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0)

616.154665ms ago: executing program 3 (id=2104):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x200, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @timestamp, @sack_perm], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)

500.094347ms ago: executing program 3 (id=2105):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f0000000840)=""/160, 0xa0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000040)=ANY=[], 0x2b)
dup3(r2, r1, 0x0)
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x0, 0x0, 0x50)

305.184605ms ago: executing program 3 (id=2106):
poll(0x0, 0x0, 0x64)
rt_sigreturn()
mlockall(0x3)
syz_mount_image$fuse(0x0, 0x0, 0x2004000, 0x0, 0x0, 0x0, 0x0)

176.262808ms ago: executing program 4 (id=2107):
r0 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000800))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r2)
rt_sigreturn()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, 0x0, 0x0)

111.495461ms ago: executing program 3 (id=2108):
poll(0x0, 0x0, 0x64)
rt_sigreturn()
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x8, 0x0)
poll(0x0, 0x0, 0x64)
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
rt_sigreturn()

77.142971ms ago: executing program 4 (id=2109):
r0 = creat(&(0x7f0000000640)='./file0\x00', 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, 0x0, 0x0)

182.611µs ago: executing program 4 (id=2110):
r0 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
write$binfmt_script(r2, &(0x7f0000000340), 0xffffff46)
dup3(r2, r1, 0x0)
sendmsg$netlink(r1, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=ANY=[], 0x10}], 0x1}, 0x0)
close(r1)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101545, 0x0)
rt_sigreturn()
poll(0x0, 0x0, 0x64)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
lsetxattr$trusted_overlay_origin(0x0, 0x0, 0x0, 0x1b, 0x0)

0s ago: executing program 3 (id=2111):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_script(r0, &(0x7f0000000340), 0xffffff46)
sendmsg$unix(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)='D', 0x1}], 0x1}, 0x0)
close(r1)

kernel console output (not intermixed with test programs):

[  573.860497][T13174] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  573.899749][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  573.932743][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  573.980547][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  574.037361][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  574.304827][T13189] futex_wake_op: syz.4.1630 tries to shift op by -1; fix this program
[  574.617880][ T9103] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  574.962157][T13192] loop2: detected capacity change from 0 to 1024
[  574.976252][T13198] futex_wake_op: syz.1.1633 tries to shift op by -1; fix this program
[  575.048073][T13192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  575.179167][ T5097] Bluetooth: hci3: unexpected event for opcode 0xdeba
[  575.200227][T13208] trusted_key: syz.1.1636 sent an empty control message without MSG_MORE.
[  575.227400][T13053] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.246431][ T5145] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  575.270750][T13209] netlink: 'syz.4.1635': attribute type 2 has an invalid length.
[  575.309006][T13209] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1635'.
[  575.377964][ T5097] Bluetooth: hci3: Malformed Event: 0x02
[  575.456158][ T5145] usb 1-1: Using ep0 maxpacket: 32
[  575.469581][ T5145] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  575.486359][ T5145] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.497589][ T5145] usb 1-1: config 0 descriptor??
[  575.509648][ T5145] gspca_main: nw80x-2.14.0 probing 055f:d001
[  575.636201][    T8] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  575.838222][T13221] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1640'.
[  576.450636][T13222] loop4: detected capacity change from 0 to 40427
[  576.458852][ T5145] gspca_nw80x: reg_r err -110
[  576.463602][ T5145] nw80x 1-1:0.0: probe with driver nw80x failed with error -110
[  576.481401][T13222] F2FS-fs (loop4): Invalid log sectors per block(3) log sectorsize(10)
[  576.489691][T13222] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  576.537416][T13222] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453)
[  576.588894][ T5097] Bluetooth: hci6: Malformed HCI Event: 0x22
[  576.728885][    T8] usb 3-1: config 1 interface 0 altsetting 254 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  576.756140][    T8] usb 3-1: config 1 interface 0 has no altsetting 0
[  576.764080][T13222] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  576.764972][    T8] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  576.771474][T13222] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  576.799782][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  576.821495][    T8] usb 3-1: SerialNumber: syz
[  576.883627][ T5145] usb 1-1: USB disconnect, device number 48
[  577.170757][T13242] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1643'.
[  577.190186][T13242] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1643'.
[  577.223715][T13242] loop1: detected capacity change from 0 to 256
[  577.502518][T13247] loop4: detected capacity change from 0 to 256
[  577.543974][T13247] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  577.568058][    T8] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  577.590616][    T8] usb 3-1: USB disconnect, device number 44
[  577.906291][ T5145] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  577.948894][T13262] futex_wake_op: syz.0.1646 tries to shift op by -1; fix this program
[  578.102130][ T5145] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  578.128647][ T5145] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  578.140275][ T5145] usb 5-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  578.156259][ T5145] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.175076][ T5145] usb 5-1: config 0 descriptor??
[  578.323852][T13274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1652'.
[  578.587970][T13247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  578.609798][T13247] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  578.797722][ T5145] prodikeys 0003:041E:2801.0009: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.4-1/input0
[  578.888631][T13293] bond0: (slave erspan0): Opening slave failed
[  578.921575][    T9] usb 5-1: USB disconnect, device number 47
[  579.419354][T13285] loop2: detected capacity change from 0 to 32768
[  579.440310][T13285] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1650 (13285)
[  579.487343][T13285] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  579.491185][T13306] x_tables: ip_tables: osf match: only valid for protocol 6
[  579.518998][T13285] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  579.546377][T13285] BTRFS info (device loop2): using free-space-tree
[  579.636823][ T5097] Bluetooth: hci3: Malformed HCI Event: 0x22
[  579.657597][T13289] loop1: detected capacity change from 0 to 32768
[  579.669203][T13289] XFS: ikeep mount option is deprecated.
[  579.695566][T13289] XFS: noikeep mount option is deprecated.
[  579.816869][T13289] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  579.902773][T13053] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  579.935643][T13289] XFS (loop1): Ending clean mount
[  579.976655][T13289] XFS (loop1): Quotacheck needed: Please wait.
[  580.079647][T13289] XFS (loop1): Quotacheck: Done.
[  580.265397][T12137] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  581.222808][T13345] loop2: detected capacity change from 0 to 32768
[  581.257843][T13345] XFS: ikeep mount option is deprecated.
[  581.264506][T13345] XFS: noikeep mount option is deprecated.
[  581.296038][T13363] futex_wake_op: syz.1.1663 tries to shift op by -1; fix this program
[  581.314111][T13345] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  581.592571][T13378] bond0: (slave erspan0): Opening slave failed
[  581.758308][T13345] XFS (loop2): Ending clean mount
[  581.766342][T13345] XFS (loop2): Quotacheck needed: Please wait.
[  581.821116][T13345] XFS (loop2): Quotacheck: Done.
[  581.915236][T13053] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  582.116806][T13385] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  582.293879][T13389] loop1: detected capacity change from 0 to 1024
[  582.306856][T13389] ext4: Bad value for 'debug_want_extra_isize'
[  582.378193][T13393] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  582.726149][ T5097] Bluetooth: hci2: ACL packet for unknown connection handle 3016
[  582.759151][ T5097] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  582.796291][    T8] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  582.911275][T13409] loop1: detected capacity change from 0 to 2048
[  582.945933][T13414] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  582.984927][   T29] audit: type=1804 audit(1721047532.854:144): pid=13409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1678" name="/newroot/64/file0/file2" dev="loop1" ino=16 res=1 errno=0
[  583.006512][ T5097] Bluetooth: hci1: Malformed HCI Event: 0x22
[  583.190995][    T8] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  583.280794][    T8] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  583.354229][    T8] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  583.426058][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.478592][T13387] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  583.483391][T13419] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1680'.
[  583.519793][T13419] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1680'.
[  583.805487][T13423] x_tables: ip_tables: osf match: only valid for protocol 6
[  584.639796][ T5097] Bluetooth: hci0: Malformed HCI Event: 0x22
[  585.241722][T13434] bond0: (slave erspan0): Opening slave failed
[  585.326419][ T5097] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  585.413592][    T8] usb 5-1: USB disconnect, device number 48
[  585.454229][T13423] loop1: detected capacity change from 0 to 40427
[  585.518611][T13423] F2FS-fs (loop1): Found nat_bits in checkpoint
[  585.670453][T13423] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  585.917432][T13447] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1687'.
[  586.075838][ T2908] kworker/u8:9: attempt to access beyond end of device
[  586.075838][ T2908] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  586.202041][T13455] cifs: Unknown parameter '�[���b����IT�&��:���"����1:���ӭ'�4,�Zz-#F�<��]%gC��
[  586.202041][T13455] S�Ș�ȞZ�6��'
[  586.497855][ T2908] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  586.506270][    T8] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  586.649869][ T5097] Bluetooth: hci6: ACL packet for unknown connection handle 3016
[  586.759029][    T8] usb 1-1: Using ep0 maxpacket: 16
[  586.780761][    T8] usb 1-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.09
[  586.799655][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.800015][T13464] loop4: detected capacity change from 0 to 4096
[  586.825669][T13467] loop2: detected capacity change from 0 to 1024
[  586.827039][    T8] usb 1-1: Product: syz
[  586.846153][T13464] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  586.846463][    T8] usb 1-1: Manufacturer: syz
[  586.856845][T13467] ext4: Unknown parameter 'seclabel'
[  586.874936][T13464] ntfs3: loop4: It is recommened to use chkdsk.
[  586.881675][    T8] usb 1-1: SerialNumber: syz
[  586.897989][    T8] usb 1-1: config 0 descriptor??
[  586.919293][T13467] loop2: detected capacity change from 0 to 1024
[  586.935667][T13467] ext4: Unknown parameter 'seclabel'
[  586.978387][T13467] loop2: detected capacity change from 0 to 1024
[  587.000362][ T5097] Bluetooth: hci6: Malformed HCI Event: 0x22
[  587.001091][T13467] ext4: Unknown parameter 'seclabel'
[  587.142037][T13467] loop2: detected capacity change from 0 to 1024
[  587.162445][T13467] ext4: Unknown parameter 'seclabel'
[  587.224207][T13467] loop2: detected capacity change from 0 to 1024
[  587.242758][T13467] ext4: Unknown parameter 'seclabel'
[  587.302477][T13467] loop2: detected capacity change from 0 to 1024
[  587.324440][T13467] ext4: Unknown parameter 'seclabel'
[  587.421141][T13467] loop2: detected capacity change from 0 to 1024
[  587.452853][T13467] ext4: Unknown parameter 'seclabel'
[  587.453719][T13481] futex_wake_op: syz.4.1695 tries to shift op by -1; fix this program
[  587.516366][T13467] loop2: detected capacity change from 0 to 1024
[  587.523208][T13467] ext4: Unknown parameter 'seclabel'
[  587.612827][T13467] loop2: detected capacity change from 0 to 1024
[  587.632316][T13467] ext4: Unknown parameter 'seclabel'
[  587.639985][ T5097] Bluetooth: hci3: Malformed HCI Event: 0x22
[  587.678076][T13467] loop2: detected capacity change from 0 to 1024
[  587.693247][T13467] ext4: Unknown parameter 'seclabel'
[  587.781338][T13467] loop2: detected capacity change from 0 to 1024
[  587.813281][T13467] ext4: Unknown parameter 'seclabel'
[  587.831494][T13467] loop2: detected capacity change from 0 to 1024
[  587.838398][T13467] ext4: Unknown parameter 'seclabel'
[  587.856204][T13467] loop2: detected capacity change from 0 to 1024
[  587.863106][T13467] ext4: Unknown parameter 'seclabel'
[  588.379661][T13467] loop2: detected capacity change from 0 to 1024
[  588.406948][T13467] ext4: Unknown parameter 'seclabel'
[  588.452985][T13467] loop2: detected capacity change from 0 to 1024
[  588.471589][T13467] ext4: Unknown parameter 'seclabel'
[  588.524286][T13467] loop2: detected capacity change from 0 to 1024
[  588.538674][T13467] ext4: Unknown parameter 'seclabel'
[  588.547179][T13474] loop1: detected capacity change from 0 to 40427
[  588.569561][T13474] F2FS-fs (loop1): Invalid segment count (0)
[  588.579312][T13467] loop2: detected capacity change from 0 to 1024
[  588.585917][T13474] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  588.601549][T13467] ext4: Unknown parameter 'seclabel'
[  588.608986][T13474] F2FS-fs (loop1): invalid crc value
[  588.632175][T13467] loop2: detected capacity change from 0 to 1024
[  588.642609][T13467] ext4: Unknown parameter 'seclabel'
[  588.673982][T13467] loop2: detected capacity change from 0 to 1024
[  588.689382][T13467] ext4: Unknown parameter 'seclabel'
[  588.723323][T13474] F2FS-fs (loop1): Found nat_bits in checkpoint
[  588.759012][T13467] loop2: detected capacity change from 0 to 1024
[  588.790066][T13467] ext4: Unknown parameter 'seclabel'
[  588.862092][T13467] loop2: detected capacity change from 0 to 1024
[  588.881494][T13496] bond0: (slave erspan0): Opening slave failed
[  588.985547][ T5146] usb 1-1: USB disconnect, device number 49
[  589.028854][T13467] ext4: Unknown parameter 'seclabel'
[  589.077534][T13500] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1698'.
[  589.089916][T13474] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  589.091730][T13467] loop2: detected capacity change from 0 to 1024
[  589.108204][T13474] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  589.128973][T13467] ext4: Unknown parameter 'seclabel'
[  589.159092][T12137] syz-executor: attempt to access beyond end of device
[  589.159092][T12137] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  589.193931][T13504] netlink: 'syz.0.1699': attribute type 29 has an invalid length.
[  589.196213][T12137] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  589.209747][T13467] loop2: detected capacity change from 0 to 1024
[  589.218985][T13467] ext4: Unknown parameter 'seclabel'
[  589.225590][T13504] netlink: 'syz.0.1699': attribute type 29 has an invalid length.
[  589.242207][T13504] netlink: 'syz.0.1699': attribute type 29 has an invalid length.
[  589.264011][T13504] netlink: 'syz.0.1699': attribute type 29 has an invalid length.
[  589.272824][T13467] loop2: detected capacity change from 0 to 1024
[  589.280227][T13467] ext4: Unknown parameter 'seclabel'
[  589.287291][T13504] netlink: 'syz.0.1699': attribute type 29 has an invalid length.
[  589.303700][T13504] netlink: 'syz.0.1699': attribute type 29 has an invalid length.
[  589.320617][T13467] loop2: detected capacity change from 0 to 1024
[  589.331915][T13467] ext4: Unknown parameter 'seclabel'
[  589.361517][T13467] loop2: detected capacity change from 0 to 1024
[  589.369096][T13467] ext4: Unknown parameter 'seclabel'
[  589.388321][T13467] loop2: detected capacity change from 0 to 1024
[  589.395157][T13467] ext4: Unknown parameter 'seclabel'
[  589.538608][T13467] loop2: detected capacity change from 0 to 1024
[  589.545431][T13467] ext4: Unknown parameter 'seclabel'
[  589.577635][T13467] loop2: detected capacity change from 0 to 1024
[  589.585079][T13467] ext4: Unknown parameter 'seclabel'
[  589.632935][T13467] loop2: detected capacity change from 0 to 1024
[  589.643241][T13467] ext4: Unknown parameter 'seclabel'
[  589.674580][T13467] loop2: detected capacity change from 0 to 1024
[  589.686935][T13467] ext4: Unknown parameter 'seclabel'
[  589.730494][T13467] loop2: detected capacity change from 0 to 1024
[  590.406421][ T5097] Bluetooth: hci1: ACL packet for unknown connection handle 3016
[  590.513305][T13515] loop2: detected capacity change from 0 to 2048
[  590.584284][T13520] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  590.689611][   T29] audit: type=1804 audit(1721047540.574:145): pid=13515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1704" name="/newroot/14/file0/file2" dev="loop2" ino=16 res=1 errno=0
[  590.772613][T13526] futex_wake_op: syz.4.1706 tries to shift op by -1; fix this program
[  590.900632][ T5097] Bluetooth: hci6: Malformed HCI Event: 0x22
[  591.107261][T13536] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1709'.
[  591.678410][T13543] netlink: 'syz.4.1711': attribute type 29 has an invalid length.
[  591.692041][T13543] netlink: 'syz.4.1711': attribute type 29 has an invalid length.
[  591.701339][T13543] netlink: 'syz.4.1711': attribute type 29 has an invalid length.
[  591.702764][T13544] loop2: detected capacity change from 0 to 512
[  591.710056][T13543] netlink: 'syz.4.1711': attribute type 29 has an invalid length.
[  591.760607][T13544] EXT4-fs (loop2): filesystem is read-only
[  591.807902][ T5097] Bluetooth: hci2: Malformed HCI Event: 0x22
[  592.058377][T13551] loop2: detected capacity change from 0 to 1024
[  592.089227][T13551] EXT4-fs: Ignoring removed orlov option
[  592.107882][T13551] EXT4-fs (loop2): Test dummy encryption mode enabled
[  592.117012][T13551] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  592.156156][T13551] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  592.306893][ T5146] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  592.526200][ T5146] usb 1-1: Using ep0 maxpacket: 16
[  592.605213][ T5146] usb 1-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53
[  593.086127][ T5146] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  593.132859][ T5146] usb 1-1: Product: syz
[  593.151078][ T5146] usb 1-1: Manufacturer: syz
[  593.155756][ T5146] usb 1-1: SerialNumber: syz
[  593.165064][ T5146] usb 1-1: config 0 descriptor??
[  593.173720][ T5146] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state.
[  593.191048][ T5146] dvb-usb: bulk message failed: -22 (2/0)
[  593.208018][ T5146] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) error while loading driver (-22)
[  593.240666][T13053] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  593.278580][T13569] futex_wake_op: syz.4.1719 tries to shift op by -1; fix this program
[  593.377427][ T5146] usb 1-1: USB disconnect, device number 50
[  593.425262][T13571] loop2: detected capacity change from 0 to 16
[  593.445356][T13571] erofs: (device loop2): mounted with root inode @ nid 36.
[  595.625089][ T5097] Bluetooth: hci2: Malformed HCI Event: 0x22
[  595.663104][T13599] cifs: Unknown parameter '�[���b����IT�&��:���"����1:���ӭ'�4,�Zz-#F�<��]%gC��
[  595.663104][T13599] S�Ș�ȞZ�6��'
[  596.597815][T13593] loop4: detected capacity change from 0 to 1764
[  596.702167][T13605] loop1: detected capacity change from 0 to 512
[  596.720183][T13605] EXT4-fs (loop1): filesystem is read-only
[  596.816206][ T5141] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  596.836829][ T5144] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  596.873143][T13608] loop1: detected capacity change from 0 to 1024
[  596.881031][T13608] EXT4-fs: Ignoring removed orlov option
[  596.899919][T13608] EXT4-fs (loop1): Test dummy encryption mode enabled
[  596.907278][T13608] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  596.932750][T13608] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  597.007061][T13616] futex_wake_op: syz.4.1732 tries to shift op by -1; fix this program
[  597.040107][ T5141] usb 3-1: Using ep0 maxpacket: 16
[  597.080149][ T5144] usb 1-1: config 0 has an invalid interface number: 3 but max is 0
[  597.094586][ T5141] usb 3-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.09
[  597.116777][ T5144] usb 1-1: config 0 has no interface number 0
[  597.123002][ T5141] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  597.132475][ T5144] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  597.141734][ T5141] usb 3-1: Product: syz
[  597.148505][ T5141] usb 3-1: Manufacturer: syz
[  597.155143][ T5144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.166793][ T5141] usb 3-1: SerialNumber: syz
[  597.173352][ T5141] usb 3-1: config 0 descriptor??
[  597.179350][ T5144] usb 1-1: config 0 descriptor??
[  597.189347][ T5144] cp210x 1-1:0.3: cp210x converter detected
[  597.971418][T12137] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.054595][T13624] loop4: detected capacity change from 0 to 1024
[  598.081372][T13626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1736'.
[  598.102780][T13626] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1736'.
[  598.440393][T13632] loop4: detected capacity change from 0 to 2048
[  598.536238][T12249] usb 3-1: USB disconnect, device number 45
[  598.554248][T13631] loop1: detected capacity change from 0 to 2048
[  598.638548][T13632] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  598.666553][T13632] ext4 filesystem being mounted at /335/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  598.806513][T13631] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  598.826595][T13631] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  598.862997][T13643] fs-verity (loop4, inode 13): ext4_end_enable_verity() failed with err -28
[  599.158108][ T5097] Bluetooth: hci1: Malformed HCI Event: 0x22
[  599.762212][ T6861] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  599.972105][T12137] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  599.997114][ T5144] cp210x 1-1:0.3: failed to get vendor val 0x370b size 1: -71
[  600.004645][ T5144] cp210x 1-1:0.3: querying part number failed
[  600.038356][ T5144] usb 1-1: cp210x converter now attached to ttyUSB0
[  600.058156][ T5144] usb 1-1: USB disconnect, device number 51
[  600.071159][ T5144] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  600.090146][ T5144] cp210x 1-1:0.3: device disconnected
[  600.245686][T13664] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1743'.
[  600.305820][T13664] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1743'.
[  600.901972][T13676] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1746'.
[  600.943072][T13676] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1746'.
[  600.982423][T13658] loop1: detected capacity change from 0 to 40427
[  601.022944][T13658] F2FS-fs (loop1): Found nat_bits in checkpoint
[  601.174121][T13658] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  601.352229][T13687] syz.2.1749 (13687): drop_caches: 2
[  601.397844][T13687] syz.2.1749 (13687): drop_caches: 2
[  601.473237][T13685] syz.2.1749 (13685): drop_caches: 2
[  601.532361][T13685] syz.2.1749 (13685): drop_caches: 2
[  601.638530][   T29] audit: type=1326 audit(1721047551.514:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13688 comm="syz.0.1750" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb92975bd9 code=0x0
[  602.007071][ T5097] Bluetooth: hci6: ACL packet for unknown connection handle 3016
[  602.076421][ T5143] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  602.286191][ T5143] usb 5-1: Using ep0 maxpacket: 16
[  602.298458][T13704] loop2: detected capacity change from 0 to 1764
[  602.320470][T12137] syz-executor: attempt to access beyond end of device
[  602.320470][T12137] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  602.345531][ T5143] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4
[  602.363161][T12137] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  602.365120][ T5143] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.391240][T12137] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  602.418127][ T5143] usb 5-1: Product: syz
[  602.439097][ T5143] usb 5-1: Manufacturer: syz
[  602.460624][ T5143] usb 5-1: SerialNumber: syz
[  602.495466][ T5143] usb 5-1: config 0 descriptor??
[  602.541829][ T5143] usb_ehset_test 5-1:0.0: probe with driver usb_ehset_test failed with error -32
[  602.744712][T13697] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  602.753440][T13697] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  603.521583][T13714] cifs: Unknown parameter '�[���b����IT�&��:���"����1:���ӭ'�4,�Zz-#F�<��]%gC��
[  603.521583][T13714] S�Ș�ȞZ�6��'
[  603.836366][T12249] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  603.902238][T13716] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1757'.
[  604.021285][ T5097] Bluetooth: hci2: Malformed HCI Event: 0x22
[  604.028010][T12249] usb 3-1: Using ep0 maxpacket: 16
[  604.038768][T12249] usb 3-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.09
[  604.094985][T12249] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.105676][T12249] usb 3-1: Product: syz
[  604.208584][T12249] usb 3-1: Manufacturer: syz
[  604.234866][T12249] usb 3-1: SerialNumber: syz
[  604.648265][T12249] usb 3-1: config 0 descriptor??
[  604.660095][ T5144] usb 5-1: USB disconnect, device number 49
[  604.942960][T13734] loop4: detected capacity change from 0 to 256
[  604.967441][T13734] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  605.764114][T13745] FAULT_INJECTION: forcing a failure.
[  605.764114][T13745] name failslab, interval 1, probability 0, space 0, times 0
[  605.888927][T13745] CPU: 0 UID: 0 PID: 13745 Comm: syz.0.1764 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  605.899335][T13745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  605.909444][T13745] Call Trace:
[  605.912736][T13745]  <TASK>
[  605.915680][T13745]  dump_stack_lvl+0x241/0x360
[  605.920368][T13745]  ? __pfx_dump_stack_lvl+0x10/0x10
[  605.925581][T13745]  ? __pfx__printk+0x10/0x10
[  605.930189][T13745]  ? _copy_from_iter+0x26b/0x1960
[  605.935242][T13745]  should_fail_ex+0x3b0/0x4e0
[  605.939956][T13745]  ? build_skb+0x52/0x2a0
[  605.944308][T13745]  should_failslab+0xac/0x100
[  605.949019][T13745]  ? build_skb+0x52/0x2a0
[  605.953370][T13745]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  605.958758][T13745]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  605.964772][T13745]  build_skb+0x52/0x2a0
[  605.968965][T13745]  ? __tun_build_skb+0x25/0x2f0
[  605.973850][T13745]  __tun_build_skb+0x33/0x2f0
[  605.978565][T13745]  tun_get_user+0x20bb/0x4720
[  605.983272][T13745]  ? tun_get_user+0x871/0x4720
[  605.988058][T13745]  ? aa_file_perm+0x137/0xf60
[  605.992772][T13745]  ? __pfx_tun_get_user+0x10/0x10
[  605.997842][T13745]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  606.003336][T13745]  ? rcu_is_watching+0x15/0xb0
[  606.008209][T13745]  ? __pfx_lock_release+0x10/0x10
[  606.013246][T13745]  ? end_current_label_crit_section+0x14e/0x180
[  606.016187][ T5097] Bluetooth: hci2: ACL packet for unknown connection handle 3016
[  606.019498][T13745]  ? common_file_perm+0x1a6/0x210
[  606.032234][T13745]  ? tun_get+0x1e/0x2f0
[  606.036393][T13745]  ? tun_get+0x27d/0x2f0
[  606.040634][T13745]  tun_chr_write_iter+0x113/0x1f0
[  606.045661][T13745]  vfs_write+0xa72/0xc90
[  606.049932][T13745]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  606.055477][T13745]  ? __pfx_vfs_write+0x10/0x10
[  606.060259][T13745]  ksys_write+0x1a0/0x2c0
[  606.064599][T13745]  ? __pfx_ksys_write+0x10/0x10
[  606.069455][T13745]  ? rcu_is_watching+0x15/0xb0
[  606.074221][T13745]  ? rcu_is_watching+0x15/0xb0
[  606.078982][T13745]  do_syscall_64+0xf3/0x230
[  606.083491][T13745]  ? clear_bhb_loop+0x35/0x90
[  606.088175][T13745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.094068][T13745] RIP: 0033:0x7fcb9297475f
[  606.098490][T13745] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  606.118101][T13745] RSP: 002b:00007fcb9373b010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  606.126528][T13745] RAX: ffffffffffffffda RBX: 00007fcb92b03f60 RCX: 00007fcb9297475f
[  606.134505][T13745] RDX: 000000000000003a RSI: 00000000200014c0 RDI: 00000000000000c8
[  606.142503][T13745] RBP: 00007fcb9373b0a0 R08: 0000000000000000 R09: 0000000000000000
[  606.150473][T13745] R10: 000000000000003a R11: 0000000000000293 R12: 0000000000000001
[  606.158444][T13745] R13: 000000000000000b R14: 00007fcb92b03f60 R15: 00007ffe217f8588
[  606.166505][T13745]  </TASK>
[  606.181638][T13750] loop1: detected capacity change from 0 to 2048
[  606.427295][ T5143] usb 3-1: USB disconnect, device number 46
[  606.844417][T13754] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1768'.
[  606.903144][T13758] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  606.948211][   T29] audit: type=1804 audit(1721047556.824:147): pid=13750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1765" name="/newroot/78/file0/file2" dev="loop1" ino=16 res=1 errno=0
[  606.997149][   T29] audit: type=1326 audit(1721047556.874:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13741 comm="syz.3.1763" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d6cf75bd9 code=0x0
[  607.186959][ T5146] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  607.316553][ T5143] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  607.378266][ T5146] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  607.404564][ T5146] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  607.450467][ T5146] usb 1-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  607.474084][ T5146] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.493199][ T5146] usb 1-1: config 0 descriptor??
[  608.361045][T13776] loop1: detected capacity change from 0 to 40427
[  608.395500][T13776] F2FS-fs (loop1): Invalid log sectors per block(3) log sectorsize(10)
[  608.403895][T13776] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  608.456317][T13776] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453)
[  608.726252][T13776] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  608.733384][T13776] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  608.779371][ T5143] usb 3-1: Using ep0 maxpacket: 32
[  608.812354][ T5143] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  608.853085][ T5143] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.988189][T13756] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  608.992221][ T5143] usb 3-1: config 0 descriptor??
[  609.075533][T13756] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  609.087731][ T5143] gspca_main: sunplus-2.14.0 probing 0458:7006
[  609.250773][    C0] eth0: bad gso: type: 1, size: 1408
[  609.607959][T13789] loop4: detected capacity change from 0 to 128
[  609.641035][ T5146] usbhid 1-1:0.0: can't add hid device: -71
[  609.650829][ T5146] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  609.709141][ T5146] usb 1-1: USB disconnect, device number 52
[  609.837034][ T5143] gspca_sunplus: reg_w_riv err -71
[  609.842283][ T5143] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  609.868450][ T5143] usb 3-1: USB disconnect, device number 47
[  609.871270][T13792] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1780'.
[  610.831513][T13805] cifs: Unknown parameter '�[���b����IT�&��:���"����1:���ӭ'�4,�Zz-#F�<��]%gC��
[  610.831513][T13805] S�Ș�ȞZ�6��'
[  611.426239][   T29] audit: type=1326 audit(1721047561.284:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13802 comm="syz.1.1783" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3550f75bd9 code=0x0
[  611.456181][ T5146] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  611.656591][ T5146] usb 5-1: Using ep0 maxpacket: 16
[  611.665685][ T5146] usb 5-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.09
[  611.691416][ T5146] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  611.713761][ T5146] usb 5-1: Product: syz
[  611.729934][ T5146] usb 5-1: Manufacturer: syz
[  611.746872][ T5146] usb 5-1: SerialNumber: syz
[  611.758216][    C0] eth0: bad gso: type: 1, size: 1408
[  611.769410][ T5146] usb 5-1: config 0 descriptor??
[  612.556343][T13824] FAULT_INJECTION: forcing a failure.
[  612.556343][T13824] name failslab, interval 1, probability 0, space 0, times 0
[  612.640564][T13824] CPU: 0 UID: 0 PID: 13824 Comm: syz.0.1785 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  612.650881][T13824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  612.660968][T13824] Call Trace:
[  612.664269][T13824]  <TASK>
[  612.667217][T13824]  dump_stack_lvl+0x241/0x360
[  612.671968][T13824]  ? __pfx_dump_stack_lvl+0x10/0x10
[  612.677294][T13824]  ? __pfx__printk+0x10/0x10
[  612.681921][T13824]  ? __pfx___might_resched+0x10/0x10
[  612.687236][T13824]  ? rcu_is_watching+0x15/0xb0
[  612.692022][T13824]  should_fail_ex+0x3b0/0x4e0
[  612.696742][T13824]  ? shmem_alloc_inode+0x28/0x40
[  612.701719][T13824]  should_failslab+0xac/0x100
[  612.706476][T13824]  ? shmem_alloc_inode+0x28/0x40
[  612.711457][T13824]  kmem_cache_alloc_lru_noprof+0x71/0x2b0
[  612.717215][T13824]  shmem_alloc_inode+0x28/0x40
[  612.722017][T13824]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  612.727514][T13824]  new_inode+0x6e/0x310
[  612.731702][T13824]  shmem_get_inode+0x34a/0xd50
[  612.736500][T13824]  ? _raw_spin_unlock+0x28/0x50
[  612.741380][T13824]  __shmem_file_setup+0x171/0x2c0
[  612.746528][T13824]  __se_sys_memfd_create+0x36b/0x850
[  612.751857][T13824]  do_syscall_64+0xf3/0x230
[  612.756397][T13824]  ? clear_bhb_loop+0x35/0x90
[  612.761102][T13824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  612.767022][T13824] RIP: 0033:0x7fcb92975bd9
[  612.771464][T13824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  612.791274][T13824] RSP: 002b:00007fcb93719e28 EFLAGS: 00000206 ORIG_RAX: 000000000000013f
[  612.799722][T13824] RAX: ffffffffffffffda RBX: 0000000000009dee RCX: 00007fcb92975bd9
[  612.807726][T13824] RDX: 00007fcb93719f00 RSI: 0000000000000000 RDI: 00007fcb929e3d24
[  612.815750][T13824] RBP: 0000000020000000 R08: 00007fcb93719bc7 R09: 00007fcb93719e50
[  612.823754][T13824] R10: 000000000000000a R11: 0000000000000206 R12: 0000000020009ec0
[  612.831754][T13824] R13: 00007fcb93719f00 R14: 00007fcb93719ec0 R15: 0000000020009f40
[  612.838201][T13825] loop1: detected capacity change from 0 to 40427
[  612.839742][T13824]  </TASK>
[  612.849234][    C0] vkms_vblank_simulate: vblank timer overrun
[  612.875724][T13825] F2FS-fs (loop1): Invalid log sectors per block(3) log sectorsize(10)
[  612.884114][T13825] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  612.922705][T13825] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453)
[  612.994584][T13825] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  613.001737][T13825] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  613.953186][    T9] usb 5-1: USB disconnect, device number 50
[  614.137089][T13843] loop4: detected capacity change from 0 to 256
[  614.231681][T13843] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  614.315684][ T2908] bridge_slave_1: left allmulticast mode
[  614.331588][ T2908] bridge_slave_1: left promiscuous mode
[  614.341905][ T2908] bridge0: port 2(bridge_slave_1) entered disabled state
[  614.368326][ T2908] bridge_slave_0: left allmulticast mode
[  614.381742][ T2908] bridge_slave_0: left promiscuous mode
[  614.391540][ T2908] bridge0: port 1(bridge_slave_0) entered disabled state
[  614.500181][ T5143] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  614.529771][T13849] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1791'.
[  614.596168][    T9] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  614.716172][ T5143] usb 3-1: Using ep0 maxpacket: 32
[  614.725884][ T5143] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  614.745347][ T5143] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.769456][ T5143] usb 3-1: config 0 descriptor??
[  614.786384][ T5143] gspca_main: sunplus-2.14.0 probing 0458:7006
[  614.808517][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  614.826105][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  614.844732][    T9] usb 5-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  614.856270][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  614.886516][    T9] usb 5-1: config 0 descriptor??
[  614.975289][ T2908] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  615.019407][ T2908] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  615.064353][ T2908] bond0 (unregistering): Released all slaves
[  615.105988][T13843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  615.120819][ T2908] bond1 (unregistering): Released all slaves
[  615.131736][   T29] audit: type=1326 audit(1721047565.014:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13856 comm="syz.0.1797" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb92975bd9 code=0x0
[  615.135290][T13843] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  615.161355][    C0] vkms_vblank_simulate: vblank timer overrun
[  615.189526][ T2908] bond2 (unregistering): Released all slaves
[  615.476362][ T5143] gspca_sunplus: reg_w_riv err -71
[  615.489421][ T5143] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  615.497596][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  615.509476][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  615.525465][ T5143] usb 3-1: USB disconnect, device number 48
[  615.689951][    T9] usb 5-1: USB disconnect, device number 51
[  615.887758][    C0] eth0: bad gso: type: 1, size: 1408
[  615.896963][    C0] eth0: bad gso: type: 1, size: 1408
[  616.105765][T13872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  616.674998][ T2908] hsr_slave_0: left promiscuous mode
[  616.681452][ T2908] hsr_slave_1: left promiscuous mode
[  616.689644][ T2908] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  616.708280][ T2908] batman_adv: batadv0: Removing interface: batadv_slave_0
[  616.720993][ T2908] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  616.730714][ T2908] batman_adv: batadv0: Removing interface: batadv_slave_1
[  616.741773][ T2908] veth1_macvtap: left promiscuous mode
[  616.750254][ T2908] veth0_macvtap: left promiscuous mode
[  616.761729][ T2908] veth1_vlan: left promiscuous mode
[  616.768519][ T2908] veth0_vlan: left promiscuous mode
[  617.050065][T13882] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1805'.
[  617.604712][T13895] loop2: detected capacity change from 0 to 128
[  617.641518][T13895] VFS: Found a Xenix FS (block size = 512) on device loop2
[  617.651615][T13895] syz.2.1808: attempt to access beyond end of device
[  617.651615][T13895] loop2: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  617.676217][T13895] Buffer I/O error on dev loop2, logical block 8767744, async page read
[  617.693197][T13895] syz.2.1808: attempt to access beyond end of device
[  617.693197][T13895] loop2: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  617.720489][T13895] Buffer I/O error on dev loop2, logical block 13269809, async page read
[  617.762900][T13895] syz.2.1808: attempt to access beyond end of device
[  617.762900][T13895] loop2: rw=0, sector=1157, nr_sectors = 1 limit=128
[  617.802833][T13895] Buffer I/O error on dev loop2, logical block 1157, async page read
[  617.849468][T13895] syz.2.1808: attempt to access beyond end of device
[  617.849468][T13895] loop2: rw=0, sector=3211264, nr_sectors = 1 limit=128
[  617.886398][ T5144] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  617.933149][ T2908] team0 (unregistering): Port device team_slave_1 removed
[  617.946182][T13895] Buffer I/O error on dev loop2, logical block 3211264, async page read
[  617.963616][T13895] syz.2.1808: attempt to access beyond end of device
[  617.963616][T13895] loop2: rw=0, sector=8768635, nr_sectors = 1 limit=128
[  617.980456][T13895] Buffer I/O error on dev loop2, logical block 8768635, async page read
[  617.991019][T13895] syz.2.1808: attempt to access beyond end of device
[  617.991019][T13895] loop2: rw=0, sector=13466417, nr_sectors = 1 limit=128
[  618.005366][T13895] Buffer I/O error on dev loop2, logical block 13466417, async page read
[  618.005712][ T2908] team0 (unregistering): Port device team_slave_0 removed
[  618.018825][T13895] syz.2.1808: attempt to access beyond end of device
[  618.018825][T13895] loop2: rw=0, sector=209285, nr_sectors = 1 limit=128
[  618.045082][T13895] Buffer I/O error on dev loop2, logical block 209285, async page read
[  618.072695][T13895] syz.2.1808: attempt to access beyond end of device
[  618.072695][T13895] loop2: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  618.099933][T13895] Buffer I/O error on dev loop2, logical block 8767744, async page read
[  618.109143][T13895] syz.2.1808: attempt to access beyond end of device
[  618.109143][T13895] loop2: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  618.126057][ T5144] usb 4-1: Using ep0 maxpacket: 16
[  618.132697][T13895] Buffer I/O error on dev loop2, logical block 13269809, async page read
[  618.143083][ T5144] usb 4-1: config 0 has an invalid interface number: 119 but max is 0
[  618.169135][ T5144] usb 4-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[  618.195498][ T5144] usb 4-1: config 0 has no interface number 0
[  618.204003][T13895] syz.2.1808: attempt to access beyond end of device
[  618.204003][T13895] loop2: rw=0, sector=1157, nr_sectors = 1 limit=128
[  618.227757][ T5144] usb 4-1: config 0 interface 119 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  618.264305][   T29] audit: type=1326 audit(1721047568.114:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.0.1810" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb92975bd9 code=0x0
[  618.266569][T13895] Buffer I/O error on dev loop2, logical block 1157, async page read
[  618.306571][ T5144] usb 4-1: New USB device found, idVendor=04ca, idProduct=3014, bcdDevice=ce.5f
[  618.319274][ T5144] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  618.334329][ T5144] usb 4-1: Product: syz
[  618.342844][ T5144] usb 4-1: Manufacturer: syz
[  618.347640][ T5144] usb 4-1: SerialNumber: syz
[  618.362237][ T5144] usb 4-1: config 0 descriptor??
[  618.390506][T13895] sysv_free_block: trying to free block not in datazone
[  618.446936][   T29] audit: type=1800 audit(1721047568.274:152): pid=13895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1808" name="/" dev="loop2" ino=2 res=0 errno=0
[  618.520384][T13053] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  618.888439][    C0] eth0: bad gso: type: 1, size: 1408
[  619.409785][ T5146] usb 4-1: USB disconnect, device number 43
[  619.429428][T13922] FAULT_INJECTION: forcing a failure.
[  619.429428][T13922] name failslab, interval 1, probability 0, space 0, times 0
[  619.468035][ T2908] IPVS: stop unused estimator thread 0...
[  619.481653][T13922] CPU: 1 UID: 0 PID: 13922 Comm: syz.0.1815 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  619.491954][T13922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  619.502036][T13922] Call Trace:
[  619.505347][T13922]  <TASK>
[  619.508289][T13922]  dump_stack_lvl+0x241/0x360
[  619.513009][T13922]  ? __pfx_dump_stack_lvl+0x10/0x10
[  619.518247][T13922]  ? __pfx__printk+0x10/0x10
[  619.522871][T13922]  ? __pfx___might_resched+0x10/0x10
[  619.528190][T13922]  should_fail_ex+0x3b0/0x4e0
[  619.532912][T13922]  should_failslab+0xac/0x100
[  619.537622][T13922]  ? __alloc_skb+0x1c3/0x440
[  619.542219][T13922]  kmem_cache_alloc_node_noprof+0x71/0x320
[  619.548046][T13922]  ? idr_get_next+0x3c6/0x4a0
[  619.552752][T13922]  __alloc_skb+0x1c3/0x440
[  619.557191][T13922]  ? __pfx___alloc_skb+0x10/0x10
[  619.562148][T13922]  ctrl_getfamily+0x48c/0x6b0
[  619.566840][T13922]  ? __pfx_ctrl_getfamily+0x10/0x10
[  619.572062][T13922]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[  619.578417][T13922]  genl_rcv_msg+0xb14/0xec0
[  619.582941][T13922]  ? __pfx_genl_rcv_msg+0x10/0x10
[  619.587980][T13922]  ? do_syscall_64+0xf3/0x230
[  619.592673][T13922]  ? rcu_is_watching+0x15/0xb0
[  619.597450][T13922]  ? __pfx_lock_acquire+0x10/0x10
[  619.602501][T13922]  ? __pfx_ctrl_getfamily+0x10/0x10
[  619.607716][T13922]  ? __pfx___might_resched+0x10/0x10
[  619.613020][T13922]  netlink_rcv_skb+0x1e3/0x430
[  619.617809][T13922]  ? __pfx_genl_rcv_msg+0x10/0x10
[  619.622846][T13922]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  619.628147][T13922]  ? lock_release+0xbf/0xa30
[  619.632757][T13922]  ? __netlink_deliver_tap+0x77e/0x7c0
[  619.638235][T13922]  genl_rcv+0x28/0x40
[  619.642227][T13922]  netlink_unicast+0x7f0/0x990
[  619.647004][T13922]  ? __pfx_netlink_unicast+0x10/0x10
[  619.652302][T13922]  ? __virt_addr_valid+0x183/0x530
[  619.657429][T13922]  ? __check_object_size+0x49c/0x900
[  619.662725][T13922]  ? bpf_lsm_netlink_send+0x9/0x10
[  619.667867][T13922]  netlink_sendmsg+0x8e4/0xcb0
[  619.672664][T13922]  ? __pfx_netlink_sendmsg+0x10/0x10
[  619.677976][T13922]  ? aa_sock_msg_perm+0x91/0x160
[  619.682953][T13922]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  619.688267][T13922]  ? security_socket_sendmsg+0x87/0xb0
[  619.693755][T13922]  ? __pfx_netlink_sendmsg+0x10/0x10
[  619.699060][T13922]  __sock_sendmsg+0x221/0x270
[  619.703758][T13922]  __sys_sendto+0x3a4/0x4f0
[  619.708277][T13922]  ? __pfx___sys_sendto+0x10/0x10
[  619.713323][T13922]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  619.719664][T13922]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  619.726126][T13922]  ? rcu_is_watching+0x15/0xb0
[  619.730910][T13922]  __x64_sys_sendto+0xde/0x100
[  619.735687][T13922]  do_syscall_64+0xf3/0x230
[  619.740201][T13922]  ? clear_bhb_loop+0x35/0x90
[  619.744903][T13922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.750827][T13922] RIP: 0033:0x7fcb9297796c
[  619.755259][T13922] Code: 2a 5a 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5a 02 00 48 8b
[  619.774894][T13922] RSP: 002b:00007fcb93739ea0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  619.783321][T13922] RAX: ffffffffffffffda RBX: 00007fcb93739fb0 RCX: 00007fcb9297796c
[  619.791390][T13922] RDX: 0000000000000028 RSI: 00007fcb9373a000 RDI: 0000000000000009
[  619.799368][T13922] RBP: 0000000000000000 R08: 00007fcb93739ef4 R09: 000000000000000c
[  619.807351][T13922] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000009
[  619.815325][T13922] R13: 00007fcb93739f48 R14: 00007fcb9373a000 R15: 0000000000000000
[  619.823316][T13922]  </TASK>
[  620.052997][T13928] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1817'.
[  620.186592][T13904] loop4: detected capacity change from 0 to 32768
[  620.240678][T13904] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  620.249531][ T5146] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  620.432106][    C0] eth0: bad gso: type: 1, size: 1408
[  620.460724][ T5146] usb 3-1: Using ep0 maxpacket: 32
[  620.475364][ T5146] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  620.495055][ T5146] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  620.534346][ T5146] usb 3-1: config 0 descriptor??
[  620.553433][T13904] XFS (loop4): Ending clean mount
[  620.575883][ T5146] gspca_main: sunplus-2.14.0 probing 0458:7006
[  620.585970][T13904] XFS (loop4): Quotacheck needed: Please wait.
[  620.620365][T13947] kernel read not supported for file /cpu.stat (pid: 13947 comm: syz.0.1821)
[  620.671964][T13904] XFS (loop4): Quotacheck: Done.
[  620.707595][   T29] audit: type=1800 audit(1721047570.574:153): pid=13947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1821" name="cpu.stat" dev="mqueue" ino=52623 res=0 errno=0
[  620.980437][T13931] loop1: detected capacity change from 0 to 32768
[  621.394690][T13931] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  621.474465][T13931] XFS (loop1): Ending clean mount
[  621.482727][T13931] XFS (loop1): Quotacheck needed: Please wait.
[  621.503230][ T5146] gspca_sunplus: reg_w_riv err -71
[  621.529447][ T5146] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  621.631168][T13931] XFS (loop1): Quotacheck: Done.
[  621.638749][ T5146] usb 3-1: USB disconnect, device number 49
[  621.650145][ T6861] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  621.697403][ T5144] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  622.421035][ T5144] usb 4-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[  622.436123][ T5144] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  622.445876][ T5144] usb 4-1: config 0 descriptor??
[  622.581550][T12137] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  622.686421][   T29] audit: type=1326 audit(1721047572.554:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13964 comm="syz.0.1825" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb92975bd9 code=0x0
[  622.815084][T13975] loop4: detected capacity change from 0 to 512
[  622.861109][T13975] EXT4-fs (loop4): filesystem is read-only
[  622.872934][ T5144] gs_usb 4-1:0.0: Couldn't get device config: (err=-121)
[  622.890152][ T5144] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -121
[  623.017467][T13980] FAULT_INJECTION: forcing a failure.
[  623.017467][T13980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  623.048971][T13978] loop4: detected capacity change from 0 to 1024
[  623.049045][T13980] CPU: 0 UID: 0 PID: 13980 Comm: syz.0.1828 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  623.066153][T13980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  623.066174][T13980] Call Trace:
[  623.066186][T13980]  <TASK>
[  623.066195][T13980]  dump_stack_lvl+0x241/0x360
[  623.066236][T13980]  ? __pfx_dump_stack_lvl+0x10/0x10
[  623.066269][T13980]  ? __pfx__printk+0x10/0x10
[  623.066299][T13980]  ? rcu_is_watching+0x15/0xb0
[  623.066321][T13980]  ? __pfx_lock_release+0x10/0x10
[  623.066351][T13980]  ? lock_acquire+0xe3/0x550
[  623.066385][T13980]  should_fail_ex+0x3b0/0x4e0
[  623.080872][T13978] EXT4-fs: Ignoring removed orlov option
[  623.082668][T13980]  _copy_from_user+0x2f/0xe0
[  623.082708][T13980]  ucma_destroy_id+0xc7/0x2f0
[  623.130977][T13980]  ? get_pid_task+0x23/0x1f0
[  623.135582][T13980]  ? __pfx_ucma_destroy_id+0x10/0x10
[  623.140868][T13980]  ? lock_release+0xbf/0xa30
[  623.145467][T13980]  ? __might_fault+0xc6/0x120
[  623.150150][T13980]  ? __pfx_ucma_destroy_id+0x10/0x10
[  623.155527][T13980]  ucma_write+0x2df/0x430
[  623.159862][T13980]  ? __pfx_ucma_write+0x10/0x10
[  623.165072][T13980]  ? bpf_lsm_file_permission+0x9/0x10
[  623.170449][T13980]  ? rw_verify_area+0x1d2/0x6b0
[  623.175307][T13980]  vfs_writev+0x5af/0xbb0
[  623.179659][T13980]  ? __pfx_ucma_write+0x10/0x10
[  623.184532][T13980]  ? __pfx_vfs_writev+0x10/0x10
[  623.189386][T13980]  ? vfs_write+0x7c4/0xc90
[  623.193813][T13980]  ? __fget_files+0x29/0x470
[  623.198411][T13980]  do_writev+0x1b1/0x350
[  623.202662][T13980]  ? __pfx_do_writev+0x10/0x10
[  623.207431][T13980]  ? rcu_is_watching+0x15/0xb0
[  623.212219][T13980]  ? rcu_is_watching+0x15/0xb0
[  623.216984][T13980]  do_syscall_64+0xf3/0x230
[  623.221499][T13980]  ? clear_bhb_loop+0x35/0x90
[  623.226188][T13980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  623.232084][T13980] RIP: 0033:0x7fcb92975bd9
[  623.236498][T13980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  623.256121][T13980] RSP: 002b:00007fcb9373b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  623.264564][T13980] RAX: ffffffffffffffda RBX: 00007fcb92b03f60 RCX: 00007fcb92975bd9
[  623.272540][T13980] RDX: 0000000000000002 RSI: 0000000020000040 RDI: 0000000000000003
[  623.280517][T13980] RBP: 00007fcb9373b0a0 R08: 0000000000000000 R09: 0000000000000000
[  623.288683][T13980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  623.296669][T13980] R13: 000000000000000b R14: 00007fcb92b03f60 R15: 00007ffe217f8588
[  623.304653][T13980]  </TASK>
[  623.321173][T13978] EXT4-fs (loop4): Test dummy encryption mode enabled
[  623.329288][T13978] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  623.577939][T13978] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  623.645377][T13988] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1829'.
[  624.524717][T13995] loop1: detected capacity change from 0 to 512
[  624.543871][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  624.550465][ T5146] usb 4-1: USB disconnect, device number 44
[  624.556599][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  624.684233][T13995] ext4: Unknown parameter 'nogrpid"errors'
[  624.991418][T14005] loop1: detected capacity change from 0 to 1024
[  625.017782][T14005] hfsplus: unable to parse mount options
[  625.098507][ T6861] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  625.299015][T14018] loop2: detected capacity change from 0 to 16
[  625.322513][T14018] erofs: (device loop2): mounted with root inode @ nid 36.
[  625.323969][T14015] xt_CT: No such helper "pptp"
[  625.360262][T14020] loop1: detected capacity change from 0 to 256
[  625.390011][T14020] FAT-fs (loop1): Directory bread(block 64) failed
[  625.486242][T14020] FAT-fs (loop1): Directory bread(block 65) failed
[  625.526292][T14020] FAT-fs (loop1): Directory bread(block 66) failed
[  625.532886][T14020] FAT-fs (loop1): Directory bread(block 67) failed
[  625.553094][T14020] FAT-fs (loop1): Directory bread(block 68) failed
[  625.578184][T14020] FAT-fs (loop1): Directory bread(block 69) failed
[  625.597166][T14020] FAT-fs (loop1): Directory bread(block 70) failed
[  625.603739][T14020] FAT-fs (loop1): Directory bread(block 71) failed
[  625.631084][T14020] FAT-fs (loop1): Directory bread(block 72) failed
[  625.650693][T14020] FAT-fs (loop1): Directory bread(block 73) failed
[  625.728323][T14015] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  625.746302][T14015] FAT-fs (loop1): Filesystem has been set read-only
[  625.761250][T14015] xt_CT: You must specify a L4 protocol and not use inversions on it
[  626.508650][T14030] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1842'.
[  626.707594][ T5097] Bluetooth: hci0: ACL packet for unknown connection handle 3016
[  626.775163][T14037] netlink: 87 bytes leftover after parsing attributes in process `syz.1.1845'.
[  626.871007][T14036] 
��: renamed from syzkaller0
[  627.102765][T14039] loop1: detected capacity change from 0 to 512
[  627.255994][T14039] EXT4-fs (loop1): filesystem is read-only
[  627.922107][T14046] loop1: detected capacity change from 0 to 1024
[  627.929830][T14046] EXT4-fs: Ignoring removed orlov option
[  628.171026][T14046] EXT4-fs (loop1): Test dummy encryption mode enabled
[  628.178425][T14046] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  628.240794][T14046] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  628.326358][T12249] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  628.545013][T12249] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  628.575401][T12249] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  628.683673][T12137] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.686192][T12249] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  628.725051][T12249] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.765513][T12249] usb 4-1: config 0 descriptor??
[  629.068384][T14051] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  629.123849][T14051] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  629.825450][T14074] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1855'.
[  630.039146][T12249] usbhid 4-1:0.0: can't add hid device: -71
[  630.046959][T12249] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  630.060212][T12249] usb 4-1: USB disconnect, device number 45
[  631.227950][T14091] loop4: detected capacity change from 0 to 512
[  631.259295][T14091] EXT4-fs (loop4): filesystem is read-only
[  631.580279][T14093] loop4: detected capacity change from 0 to 1024
[  631.594656][T14093] EXT4-fs: Ignoring removed orlov option
[  631.619449][T14093] EXT4-fs (loop4): Test dummy encryption mode enabled
[  631.629353][T14093] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  631.717892][T14093] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  631.966179][ T5143] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  632.225707][T14085] loop1: detected capacity change from 0 to 32768
[  632.276136][ T5143] usb 3-1: Using ep0 maxpacket: 16
[  632.288345][T14085] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  632.289259][ T5143] usb 3-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4
[  632.366860][ T5143] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.385437][ T5143] usb 3-1: Product: syz
[  632.396784][ T5143] usb 3-1: Manufacturer: syz
[  632.408630][ T5143] usb 3-1: SerialNumber: syz
[  632.424433][ T5143] usb 3-1: config 0 descriptor??
[  632.435025][ T5143] usb_ehset_test 3-1:0.0: probe with driver usb_ehset_test failed with error -32
[  632.450253][ T6861] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.450616][T14085] XFS (loop1): Ending clean mount
[  632.470782][T14085] XFS (loop1): Quotacheck needed: Please wait.
[  632.494342][T14085] XFS (loop1): Quotacheck: Done.
[  632.647878][T14092] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  632.656505][T14092] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  633.260685][    C0] eth0: bad gso: type: 1, size: 1408
[  633.286696][T12137] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  633.435744][T14124] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1868'.
[  633.754066][T12249] usb 3-1: USB disconnect, device number 50
[  634.488388][ T5144] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  634.664396][T14140] loop2: detected capacity change from 0 to 128
[  634.692136][ T5144] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  634.784175][ T5144] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  634.994088][T14140] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  634.996458][T14140] EXT4-fs: failed to create workqueue
[  635.025142][ T5144] usb 1-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  635.175783][ T5144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.190684][T14140] EXT4-fs (loop2): mount failed
[  635.217595][ T5144] usb 1-1: config 0 descriptor??
[  635.637765][T14149] loop2: detected capacity change from 0 to 512
[  635.642210][T14127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  635.656390][T14127] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  635.697075][T14149] EXT4-fs (loop2): filesystem is read-only
[  635.947351][ T5144] prodikeys 0003:041E:2801.000A: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.0-1/input0
[  635.971317][ T5144] usb 1-1: USB disconnect, device number 53
[  636.091769][T14153] loop2: detected capacity change from 0 to 1024
[  636.100853][T14153] EXT4-fs: Ignoring removed orlov option
[  636.110660][T14153] EXT4-fs (loop2): Test dummy encryption mode enabled
[  636.118518][T14153] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  636.218567][T14153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  636.598630][T14163] loop4: detected capacity change from 0 to 16
[  636.656485][T14163] erofs: (device loop4): mounted with root inode @ nid 36.
[  636.685612][T13053] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.822189][T14167] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1879'.
[  638.948099][    C0] eth0: bad gso: type: 1, size: 1408
[  639.241566][T14186] FAULT_INJECTION: forcing a failure.
[  639.241566][T14186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  639.299021][T14186] CPU: 1 UID: 0 PID: 14186 Comm: syz.2.1885 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  639.309434][T14186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  639.319695][T14186] Call Trace:
[  639.323005][T14186]  <TASK>
[  639.326045][T14186]  dump_stack_lvl+0x241/0x360
[  639.330768][T14186]  ? __pfx_dump_stack_lvl+0x10/0x10
[  639.336004][T14186]  ? __pfx__printk+0x10/0x10
[  639.340634][T14186]  ? __pfx_lock_release+0x10/0x10
[  639.345699][T14186]  ? __mutex_trylock_common+0x183/0x2e0
[  639.351279][T14186]  ? __pfx___might_resched+0x10/0x10
[  639.356617][T14186]  should_fail_ex+0x3b0/0x4e0
[  639.361341][T14186]  _copy_from_user+0x2f/0xe0
[  639.365967][T14186]  do_tcp_setsockopt+0x29e/0x2540
[  639.371030][T14186]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  639.376516][T14186]  ? smc_setsockopt+0x1c3/0xe50
[  639.381425][T14186]  ? __pfx___mutex_lock+0x10/0x10
[  639.386485][T14186]  ? lock_release+0xbf/0xa30
[  639.391146][T14186]  ? aa_sk_perm+0x967/0xab0
[  639.395680][T14186]  ? tcp_setsockopt+0x3e/0xf0
[  639.400386][T14186]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  639.406321][T14186]  smc_setsockopt+0x275/0xe50
[  639.411049][T14186]  ? __pfx_smc_setsockopt+0x10/0x10
[  639.416377][T14186]  ? aa_sock_opt_perm+0x79/0x120
[  639.421349][T14186]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  639.426919][T14186]  ? security_socket_setsockopt+0x87/0xb0
[  639.432684][T14186]  ? __pfx_smc_setsockopt+0x10/0x10
[  639.437927][T14186]  do_sock_setsockopt+0x3af/0x720
[  639.442995][T14186]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  639.448577][T14186]  ? __fget_files+0x29/0x470
[  639.453197][T14186]  ? __fget_files+0x3f6/0x470
[  639.457909][T14186]  __sys_setsockopt+0x1ae/0x250
[  639.462796][T14186]  __x64_sys_setsockopt+0xb5/0xd0
[  639.467868][T14186]  do_syscall_64+0xf3/0x230
[  639.472411][T14186]  ? clear_bhb_loop+0x35/0x90
[  639.477120][T14186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.483056][T14186] RIP: 0033:0x7fea7ef75bd9
[  639.487497][T14186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  639.507129][T14186] RSP: 002b:00007fea7fd77048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  639.515574][T14186] RAX: ffffffffffffffda RBX: 00007fea7f103f60 RCX: 00007fea7ef75bd9
[  639.523572][T14186] RDX: 0000000000000001 RSI: 0000000000000006 RDI: 0000000000000003
[  639.531574][T14186] RBP: 00007fea7fd770a0 R08: 0000000000000004 R09: 0000000000000000
[  639.539575][T14186] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000001
[  639.547578][T14186] R13: 000000000000000b R14: 00007fea7f103f60 R15: 00007ffd1ae506d8
[  639.555591][T14186]  </TASK>
[  639.826650][T14198] bond0: (slave erspan0): Opening slave failed
[  640.064280][T14196] loop2: detected capacity change from 0 to 512
[  640.086134][ T5144] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  640.094483][T14196] EXT4-fs (loop2): filesystem is read-only
[  640.312856][T14200] loop2: detected capacity change from 0 to 1024
[  640.329096][ T5144] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  640.341672][T14200] EXT4-fs: Ignoring removed orlov option
[  640.350461][ T5144] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  640.370534][ T5144] usb 1-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  640.370621][T14200] EXT4-fs (loop2): Test dummy encryption mode enabled
[  640.405934][ T5144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.417664][ T5146] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  640.425743][T14200] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  640.446297][ T5144] usb 1-1: config 0 descriptor??
[  640.513123][T14200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  640.651517][ T5146] usb 2-1: Using ep0 maxpacket: 16
[  640.671444][ T5146] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4
[  640.716181][ T5146] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.753379][ T5146] usb 2-1: Product: syz
[  640.768966][ T5146] usb 2-1: Manufacturer: syz
[  640.783865][ T5146] usb 2-1: SerialNumber: syz
[  640.808810][ T5146] usb 2-1: config 0 descriptor??
[  640.837482][T14211] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1891'.
[  640.849323][ T5146] usb_ehset_test 2-1:0.0: probe with driver usb_ehset_test failed with error -32
[  640.860563][T14193] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  640.881604][T14193] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  640.920053][ T5144] prodikeys 0003:041E:2801.000B: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.0-1/input0
[  640.921211][T14213] team0: Port device team_slave_0 removed
[  640.988062][T14213] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  641.018986][T13053] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  641.064192][T14197] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  641.073091][T14197] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  641.309806][ T5146] usb 1-1: USB disconnect, device number 54
[  641.546824][ T5097] Bluetooth: hci3: Malformed HCI Event: 0x22
[  642.189131][ T5144] usb 2-1: USB disconnect, device number 29
[  642.751703][T14250] bond0: (slave erspan0): Opening slave failed
[  643.573166][T14249] loop1: detected capacity change from 0 to 32768
[  643.617788][T14249] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[  643.617788][T14249] clean (size 2912):
[  643.617788][T14249] flags:          0
[  643.617788][T14249] journal_seq:    8
[  643.617788][T14249] usage: type=inodes v=8
[  643.617788][T14249] usage: type=key_version v=0
[  643.617788][T14249] usage: type=reserved v=0
[  643.617788][T14249] usage: type=reserved v=0
[  643.617788][T14249] usage: type=reserved v=0
[  643.617788][T14249] usage: type=reserved v=0
[  643.617788][T14249] data_usage: btree: 1/1 [0]=2816
[  643.617788][T14249] data_usage: journal: 1/1 [0]=0
[  643.617788][T14249] data_usage: user: 1/1 [0]=32
[  643.617788][T14249] dev_usage: dev=0  
[  643.617788][T14249]   free: buckets=83 sectors=0 fragmented=0
[  643.617788][T14249]   sb: buckets=25 sectors=6152 fragmented=248
[  643.617788][T14249]   journal: buckets=8 sectors=2048 fragmented=0
[  643.617788][T14249]   btree: buckets=11 sectors=2816 fragmented=0
[  643.617788][T14249]   user: buckets=1 sectors=32 fragmented=224
[  643.617788][T14249]   cached: buckets=0 sectors=0 fragmented=0
[  643.617788][T14249]   parity: buckets=0 sectors=0 fragmented=0
[  643.617788][T14249]   stripe: buckets=0 sectors=0 fragmented=0
[  643.617788][T14249]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  643.617788][T14249]   need_discard: buckets=0 sectors=0 fragmented=0
[  643.617788][T14249] clock: read=0
[  643.617788][T14249] data_usage: need_gc_gens: 0/5 [0 0 0 0 0]=1
[  643.617788][T14249] 
[  643.766751][T14249] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  644.100222][T14259] loop4: detected capacity change from 0 to 2048
[  644.171701][T14259] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  644.197511][T14259] ext4 filesystem being mounted at /366/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  644.528141][T14272] fuse: Bad value for 'fd'
[  647.348783][ T6861] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  647.769005][T14282] loop1: detected capacity change from 0 to 1024
[  647.777375][T14282] hfsplus: unable to parse mount options
[  649.666227][ T5146] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  649.988393][T14293] cifs: Unknown parameter '�[���b����IT�&��:���"����1:���ӭ'�4,�Zz-#F�<��]%gC��
[  649.988393][T14293] S�Ș�ȞZ�6��'
[  650.299200][T12249] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  650.340552][ T5146] usb 1-1: device descriptor read/all, error -71
[  650.828733][T14302] bond0: (slave erspan0): Opening slave failed
[  650.840611][T12249] usb 5-1: Using ep0 maxpacket: 16
[  650.858594][T12249] usb 5-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.09
[  650.873479][T12249] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  651.279525][T12249] usb 5-1: Product: syz
[  651.284334][T12249] usb 5-1: Manufacturer: syz
[  651.289097][T12249] usb 5-1: SerialNumber: syz
[  651.295494][T12249] usb 5-1: config 0 descriptor??
[  651.404483][T12249] usb 5-1: can't set config #0, error -71
[  651.440922][T12249] usb 5-1: USB disconnect, device number 52
[  652.351276][T14313] loop1: detected capacity change from 0 to 40427
[  652.360357][T14313] F2FS-fs (loop1): Invalid log sectors per block(3) log sectorsize(10)
[  652.368724][T14313] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  652.422380][T14313] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453)
[  652.538044][T12249] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  652.562294][T14313] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  652.569626][T14313] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  652.749751][T12249] usb 3-1: Using ep0 maxpacket: 16
[  652.815143][T12249] usb 3-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4
[  652.870303][T12249] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  652.908906][T12249] usb 3-1: Product: syz
[  652.931593][T12249] usb 3-1: Manufacturer: syz
[  652.952868][T12249] usb 3-1: SerialNumber: syz
[  652.975777][T12249] usb 3-1: config 0 descriptor??
[  653.028687][T12249] usb_ehset_test 3-1:0.0: probe with driver usb_ehset_test failed with error -32
[  653.231891][T14316] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  653.240722][T14316] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  653.433107][T14310] loop4: detected capacity change from 0 to 32768
[  653.526810][T14310] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  653.639212][T14310] XFS (loop4): Ending clean mount
[  653.681272][T14310] XFS (loop4): Quotacheck needed: Please wait.
[  653.748652][T14310] XFS (loop4): Quotacheck: Done.
[  654.758838][ T6861] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  655.063007][T12249] usb 3-1: USB disconnect, device number 51
[  655.687782][ T5146] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  655.986513][T14363] bond0: (slave erspan0): Opening slave failed
[  656.048879][ T5146] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  656.198746][T14365] cifs: Unknown parameter '�[���b����IT�&��:���"����1:���ӭ'�4,�Zz-#F�<��]%gC��
[  656.198746][T14365] S�Ș�ȞZ�6��'
[  656.387968][ T5146] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  656.545069][ T5140] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  656.706658][ T5146] usb 1-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  656.721646][ T5146] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.741880][ T5146] usb 1-1: config 0 descriptor??
[  656.814212][T14370] Process accounting resumed
[  656.914630][ T5140] usb 3-1: Using ep0 maxpacket: 16
[  656.929378][ T5140] usb 3-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.09
[  656.986109][ T5140] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  657.024679][ T5140] usb 3-1: Product: syz
[  657.044387][ T5140] usb 3-1: Manufacturer: syz
[  657.052450][ T5140] usb 3-1: SerialNumber: syz
[  657.071532][ T5140] usb 3-1: config 0 descriptor??
[  657.216345][T14349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  657.473546][T14349] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  657.525637][ T5146] prodikeys 0003:041E:2801.000C: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.0-1/input0
[  657.778391][T12249] usb 1-1: USB disconnect, device number 57
[  658.041836][ T5145] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  658.246125][ T5145] usb 2-1: Using ep0 maxpacket: 16
[  658.262821][ T5145] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4
[  658.280043][ T5145] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  658.295451][ T5145] usb 2-1: Product: syz
[  658.312230][ T5145] usb 2-1: Manufacturer: syz
[  658.328190][ T5145] usb 2-1: SerialNumber: syz
[  658.358895][ T5145] usb 2-1: config 0 descriptor??
[  658.395920][ T5145] usb_ehset_test 2-1:0.0: probe with driver usb_ehset_test failed with error -32
[  658.594962][T14379] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  658.603558][T14379] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  658.696120][ T5146] usb 3-1: USB disconnect, device number 52
[  659.918756][ T5145] usb 2-1: USB disconnect, device number 30
[  661.020764][T14410] bond0: (slave erspan0): Opening slave failed
[  661.182391][T14393] loop4: detected capacity change from 0 to 32768
[  661.210569][   T29] audit: type=1326 audit(1721047611.094:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14412 comm="syz.3.1943" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d6cf75bd9 code=0x0
[  661.279245][T14393] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  661.304265][T14420] Process accounting resumed
[  661.355365][T14393] XFS (loop4): Ending clean mount
[  661.362814][T14393] XFS (loop4): Quotacheck needed: Please wait.
[  661.378726][T14393] XFS (loop4): Quotacheck: Done.
[  662.685232][ T6861] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  662.892525][ T5141] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  663.040329][T14437] loop2: detected capacity change from 0 to 8192
[  663.066707][T14437] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  663.084294][T14437] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  663.099394][ T5141] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  663.118151][ T5141] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  663.156889][ T5141] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  663.181988][ T5141] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  663.216717][ T5141] usb 2-1: config 0 descriptor??
[  663.643698][T14431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  663.665847][T14431] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  663.723648][ T5141] prodikeys 0003:041E:2801.000D: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.1-1/input0
[  663.915591][ T5141] usb 2-1: USB disconnect, device number 31
[  664.797261][T14464] loop4: detected capacity change from 0 to 1024
[  664.861596][T14464] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  664.890109][T14464] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  665.659361][ T6861] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  666.855350][T14485] loop4: detected capacity change from 0 to 40427
[  666.875642][T14485] F2FS-fs (loop4): Invalid log sectors per block(3) log sectorsize(10)
[  666.884020][T14485] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  666.910183][T14485] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453)
[  667.001580][T14485] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  667.009179][T14485] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  667.416406][ T5146] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  667.619391][ T5146] usb 2-1: device descriptor read/64, error -71
[  668.082758][T14511] FAULT_INJECTION: forcing a failure.
[  668.082758][T14511] name failslab, interval 1, probability 0, space 0, times 0
[  669.432721][T14515] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1965'.
[  669.590089][T14509] cifs: Unknown parameter '�[���b����IT�&��:���"����1:���ӭ'�4,�Zz-#F�<��]%gC��
[  669.590089][T14509] S�Ș�ȞZ�6��'
[  670.264991][T14515] loop2: detected capacity change from 0 to 40427
[  670.427134][T14515] F2FS-fs (loop2): Invalid log sectors per block(3) log sectorsize(10)
[  670.435577][T14515] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  670.484548][T14511] CPU: 0 UID: 0 PID: 14511 Comm: syz.4.1969 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  670.494851][T14511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  670.504945][T14511] Call Trace:
[  670.508248][T14511]  <TASK>
[  670.511198][T14511]  dump_stack_lvl+0x241/0x360
[  670.515910][T14511]  ? __pfx_dump_stack_lvl+0x10/0x10
[  670.521114][T14511]  ? __pfx__printk+0x10/0x10
[  670.525712][T14511]  ? __pfx___might_resched+0x10/0x10
[  670.531002][T14511]  should_fail_ex+0x3b0/0x4e0
[  670.535692][T14511]  should_failslab+0xac/0x100
[  670.540377][T14511]  __kmalloc_cache_node_noprof+0x74/0x300
[  670.546119][T14511]  ? is_bpf_text_address+0x26/0x2a0
[  670.551319][T14511]  ? __get_vm_area_node+0x113/0x270
[  670.556523][T14511]  __get_vm_area_node+0x113/0x270
[  670.561558][T14511]  __vmalloc_node_range_noprof+0x3bc/0x1460
[  670.567460][T14511]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  670.573031][T14511]  ? kstrtoull+0x1d1/0x2f0
[  670.577466][T14511]  ? aa_get_newest_label+0xff/0x6f0
[  670.582674][T14511]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  670.589007][T14511]  ? rcu_is_watching+0x15/0xb0
[  670.593771][T14511]  ? get_pid_task+0x23/0x1f0
[  670.598363][T14511]  ? lock_release+0xbf/0xa30
[  670.602966][T14511]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  670.608521][T14511]  __vmalloc_noprof+0x79/0x90
[  670.613207][T14511]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  670.618768][T14511]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  670.624153][T14511]  ? bpf_prog_alloc+0x28/0x1b0
[  670.628940][T14511]  bpf_prog_alloc+0x3a/0x1b0
[  670.633544][T14511]  bpf_prog_load+0x7f7/0x20f0
[  670.638241][T14511]  ? __pfx_bpf_prog_load+0x10/0x10
[  670.643363][T14511]  ? __pfx___might_resched+0x10/0x10
[  670.648666][T14511]  ? __might_fault+0xc6/0x120
[  670.653347][T14511]  ? bpf_lsm_bpf+0x9/0x10
[  670.657685][T14511]  ? security_bpf+0x87/0xb0
[  670.662198][T14511]  __sys_bpf+0x4ee/0x810
[  670.666471][T14511]  ? __pfx___sys_bpf+0x10/0x10
[  670.671251][T14511]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  670.677602][T14511]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  670.683938][T14511]  ? rcu_is_watching+0x15/0xb0
[  670.688717][T14511]  __x64_sys_bpf+0x7c/0x90
[  670.693155][T14511]  do_syscall_64+0xf3/0x230
[  670.697678][T14511]  ? clear_bhb_loop+0x35/0x90
[  670.702369][T14511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.708272][T14511] RIP: 0033:0x7f8899d75bd9
[  670.712692][T14511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  670.732392][T14511] RSP: 002b:00007f889aadd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  670.740813][T14511] RAX: ffffffffffffffda RBX: 00007f8899f03f60 RCX: 00007f8899d75bd9
[  670.748872][T14511] RDX: 0000000000000090 RSI: 0000000020000440 RDI: 0000000000000005
[  670.756862][T14511] RBP: 00007f889aadd0a0 R08: 0000000000000000 R09: 0000000000000000
[  670.764850][T14511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  670.772826][T14511] R13: 000000000000000b R14: 00007f8899f03f60 R15: 00007ffdd9eb9c58
[  670.780845][T14511]  </TASK>
[  670.792244][T14515] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453)
[  670.806339][ T5146] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  670.867147][T14511] syz.4.1969: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  670.883955][T14511] CPU: 1 UID: 0 PID: 14511 Comm: syz.4.1969 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  670.894216][T14511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  670.904266][T14511] Call Trace:
[  670.907540][T14511]  <TASK>
[  670.910504][T14511]  dump_stack_lvl+0x241/0x360
[  670.915201][T14511]  ? __pfx_dump_stack_lvl+0x10/0x10
[  670.920414][T14511]  ? __pfx__printk+0x10/0x10
[  670.925045][T14511]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  670.931462][T14511]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  670.937980][T14511]  warn_alloc+0x278/0x410
[  670.942329][T14511]  ? __pfx_warn_alloc+0x10/0x10
[  670.947184][T14511]  ? is_bpf_text_address+0x26/0x2a0
[  670.952382][T14511]  ? __get_vm_area_node+0x113/0x270
[  670.957621][T14511]  ? __get_vm_area_node+0x261/0x270
[  670.962825][T14511]  __vmalloc_node_range_noprof+0x3e0/0x1460
[  670.968727][T14511]  ? kstrtoull+0x1d1/0x2f0
[  670.973159][T14511]  ? aa_get_newest_label+0xff/0x6f0
[  670.978361][T14511]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  670.984691][T14511]  ? rcu_is_watching+0x15/0xb0
[  670.989448][T14511]  ? get_pid_task+0x23/0x1f0
[  670.994031][T14511]  ? lock_release+0xbf/0xa30
[  670.998633][T14511]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  671.004187][T14511]  __vmalloc_noprof+0x79/0x90
[  671.008866][T14511]  ? bpf_prog_alloc_no_stats+0x4d/0x4b0
[  671.014420][T14511]  bpf_prog_alloc_no_stats+0x4d/0x4b0
[  671.019802][T14511]  ? bpf_prog_alloc+0x28/0x1b0
[  671.024585][T14511]  bpf_prog_alloc+0x3a/0x1b0
[  671.029190][T14511]  bpf_prog_load+0x7f7/0x20f0
[  671.033885][T14511]  ? __pfx_bpf_prog_load+0x10/0x10
[  671.039004][T14511]  ? __pfx___might_resched+0x10/0x10
[  671.044302][T14511]  ? __might_fault+0xc6/0x120
[  671.048989][T14511]  ? bpf_lsm_bpf+0x9/0x10
[  671.053318][T14511]  ? security_bpf+0x87/0xb0
[  671.057825][T14511]  __sys_bpf+0x4ee/0x810
[  671.062079][T14511]  ? __pfx___sys_bpf+0x10/0x10
[  671.066860][T14511]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  671.073194][T14511]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  671.079527][T14511]  ? rcu_is_watching+0x15/0xb0
[  671.084301][T14511]  __x64_sys_bpf+0x7c/0x90
[  671.088725][T14511]  do_syscall_64+0xf3/0x230
[  671.093239][T14511]  ? clear_bhb_loop+0x35/0x90
[  671.097921][T14511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  671.103820][T14511] RIP: 0033:0x7f8899d75bd9
[  671.108240][T14511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  671.127858][T14511] RSP: 002b:00007f889aadd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  671.136292][T14511] RAX: ffffffffffffffda RBX: 00007f8899f03f60 RCX: 00007f8899d75bd9
[  671.144268][T14511] RDX: 0000000000000090 RSI: 0000000020000440 RDI: 0000000000000005
[  671.152248][T14511] RBP: 00007f889aadd0a0 R08: 0000000000000000 R09: 0000000000000000
[  671.160220][T14511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  671.168194][T14511] R13: 000000000000000b R14: 00007f8899f03f60 R15: 00007ffdd9eb9c58
[  671.176183][T14511]  </TASK>
[  671.179278][    C1] vkms_vblank_simulate: vblank timer overrun
[  671.185955][T14515] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  671.193241][T14515] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  671.210805][    T9] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  671.250025][T14511] Mem-Info:
[  671.253262][T14511] active_anon:11963 inactive_anon:2407 isolated_anon:0
[  671.253262][T14511]  active_file:118959 inactive_file:199752 isolated_file:0
[  671.253262][T14511]  unevictable:768 dirty:325 writeback:0
[  671.253262][T14511]  slab_reclaimable:138391 slab_unreclaimable:103752
[  671.253262][T14511]  mapped:23184 shmem:12062 pagetables:741
[  671.253262][T14511]  sec_pagetables:0 bounce:0
[  671.253262][T14511]  kernel_misc_reclaimable:0
[  671.253262][T14511]  free:962924 free_pcp:4160 free_cma:0
[  671.299853][T14511] Node 0 active_anon:47824kB inactive_anon:9628kB active_file:475832kB inactive_file:675980kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:91252kB dirty:1300kB writeback:0kB shmem:47032kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10332kB pagetables:2884kB sec_pagetables:0kB all_unreclaimable? no
[  671.332597][    C1] vkms_vblank_simulate: vblank timer overrun
[  671.435172][T14511] Node 1 active_anon:28kB inactive_anon:0kB active_file:4kB inactive_file:122928kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:1484kB dirty:0kB writeback:0kB shmem:1216kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:80kB sec_pagetables:0kB all_unreclaimable? no
[  671.466222][    C1] vkms_vblank_simulate: vblank timer overrun
[  671.472652][T14511] Node 0 DMA free:11536kB boost:2048kB min:2252kB low:2300kB high:2348kB reserved_highatomic:0KB active_anon:52kB inactive_anon:24kB active_file:108kB inactive_file:492kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:128kB local_pcp:12kB free_cma:0kB
[  671.501027][    C1] vkms_vblank_simulate: vblank timer overrun
[  671.546154][T14511] lowmem_reserve[]: 0 2569 2569 0 0
[  671.551464][T14511] Node 0 DMA32 free:136420kB boost:28672kB min:63768kB low:72540kB high:81312kB reserved_highatomic:0KB active_anon:24788kB inactive_anon:9580kB active_file:475708kB inactive_file:674508kB unevictable:1536kB writepending:1300kB present:3129332kB managed:2657772kB mlocked:0kB bounce:0kB free_pcp:2712kB local_pcp:896kB free_cma:0kB
[  671.582510][    C1] vkms_vblank_simulate: vblank timer overrun
[  671.686112][T14511] lowmem_reserve[]: 0 0 0 0 0
[  671.691013][T14511] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:24kB active_file:16kB inactive_file:64kB unevictable:0kB writepending:0kB present:1048576kB managed:104kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  671.781200][T14511] lowmem_reserve[]: 0 0 0 0 0
[  671.785991][T14511] Node 1 Normal free:3732076kB boost:0kB min:54808kB low:68508kB high:82208kB reserved_highatomic:0KB active_anon:28kB inactive_anon:0kB active_file:4kB inactive_file:122928kB unevictable:1536kB writepending:0kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:11492kB local_pcp:11324kB free_cma:0kB
[  671.815887][    C1] vkms_vblank_simulate: vblank timer overrun
[  671.822752][T14511] lowmem_reserve[]: 0 0 0 0 0
[  671.827827][T14511] Node 0 DMA: 50*4kB (UME) 33*8kB (UM) 48*16kB (UM) 44*32kB (UM) 37*64kB (UM) 27*128kB (M) 10*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 11536kB
[  671.866317][T14511] Node 0 DMA32: 1184*4kB (UME) 1555*8kB (UM) 971*16kB (UME) 1039*32kB (UME) 524*64kB (UME) 187*128kB (UME) 40*256kB (UME) 10*512kB (UM) 4*1024kB (M) 0*2048kB 0*4096kB = 142888kB
[  671.900576][T14511] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  671.926107][T14511] Node 1 Normal: 19*4kB (UME) 24*8kB (ME) 108*16kB (UME) 134*32kB (UME) 94*64kB (UME) 63*128kB (UME) 21*256kB (UME) 13*512kB (UME) 9*1024kB (ME) 6*2048kB (UME) 898*4096kB (UM) = 3732108kB
[  671.946158][    T9] usb 1-1: Using ep0 maxpacket: 16
[  671.955962][    T9] usb 1-1: device descriptor read/all, error -61
[  671.976284][T14511] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  671.985873][T14511] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  672.018797][T14511] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  672.045413][T14511] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  672.095208][T14533] loop2: detected capacity change from 0 to 256
[  672.117270][T14533] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  672.128154][    T9] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  672.186150][T14511] 324242 total pagecache pages
[  672.197955][T14511] 0 pages in swap cache
[  672.236480][T14511] Free swap  = 124572kB
[  672.251724][T14511] Total swap = 124996kB
[  672.255910][T14511] 2097051 pages RAM
[  672.274037][T14525] loop1: detected capacity change from 0 to 32768
[  672.280219][T14511] 0 pages HighMem/MovableOnly
[  672.303702][T14511] 401462 pages reserved
[  672.315667][T14511] 0 pages cma reserved
[  672.350936][    T9] usb 1-1: device descriptor read/64, error -71
[  672.445223][T14525] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[  672.445223][T14525] clean (size 2912):
[  672.445223][T14525] flags:          0
[  672.445223][T14525] journal_seq:    8
[  672.445223][T14525] usage: type=inodes v=8
[  672.445223][T14525] usage: type=key_version v=0
[  672.445223][T14525] usage: type=reserved v=0
[  672.445223][T14525] usage: type=reserved v=0
[  672.445223][T14525] usage: type=reserved v=0
[  672.445223][T14525] usage: type=reserved v=0
[  672.445223][T14525] data_usage: btree: 1/1 [0]=2816
[  672.445223][T14525] data_usage: journal: 1/1 [0]=0
[  672.445223][T14525] data_usage: user: 1/1 [0]=32
[  672.445223][T14525] dev_usage: dev=0  
[  672.445223][T14525]   free: buckets=83 sectors=0 fragmented=0
[  672.445223][T14525]   sb: buckets=25 sectors=6152 fragmented=248
[  672.445223][T14525]   journal: buckets=8 sectors=2048 fragmented=0
[  672.445223][T14525]   btree: buckets=11 sectors=2816 fragmented=0
[  672.445223][T14525]   user: buckets=1 sectors=32 fragmented=224
[  672.445223][T14525]   cached: buckets=0 sectors=0 fragmented=0
[  672.445223][T14525]   parity: buckets=0 sectors=0 fragmented=0
[  672.445223][T14525]   stripe: buckets=0 sectors=0 fragmented=0
[  672.445223][T14525]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  672.445223][T14525]   need_discard: buckets=0 sectors=0 fragmented=0
[  672.445223][T14525] clock: read=0
[  672.445223][T14525] data_usage: need_gc_gens: 0/5 [0 0 0 0 0]=1
[  672.445223][T14525] 
[  672.611746][T14525] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  672.648771][    T9] usb usb1-port1: attempt power cycle
[  672.918313][ T5144] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  673.029951][ T5097] Bluetooth: hci2: ACL packet for unknown connection handle 3016
[  673.087202][    T9] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  673.114284][T14547] loop1: detected capacity change from 0 to 2048
[  673.128300][ T5144] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[  673.137832][ T5144] usb 3-1: config 0 has no interface number 0
[  673.152310][ T5144] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  673.163125][    T9] usb 1-1: device descriptor read/8, error -71
[  673.175539][ T5144] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  673.191190][ T5144] usb 3-1: config 0 descriptor??
[  673.198289][ T5144] cp210x 3-1:0.3: cp210x converter detected
[  673.205975][T14550] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  673.259560][   T29] audit: type=1804 audit(1721047623.144:156): pid=14547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1980" name="/newroot/125/file0/file2" dev="loop1" ino=16 res=1 errno=0
[  673.460532][    T9] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  673.520543][    T9] usb 1-1: device descriptor read/8, error -71
[  673.540843][T14537] loop2: detected capacity change from 0 to 4096
[  673.647632][    T9] usb usb1-port1: unable to enumerate USB device
[  673.709856][T14555] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1982'.
[  673.850402][T14555] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1982'.
[  673.889399][T14555] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes.
[  674.091023][T14559] loop1: detected capacity change from 0 to 1764
[  674.105919][ T5144] cp210x 3-1:0.3: failed to get vendor val 0x370b size 1: -71
[  674.114294][ T5144] cp210x 3-1:0.3: querying part number failed
[  674.127401][ T5144] usb 3-1: cp210x converter now attached to ttyUSB0
[  674.144949][ T5144] usb 3-1: USB disconnect, device number 53
[  674.154007][ T5144] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  674.173985][T14567] loop4: detected capacity change from 0 to 256
[  674.185940][ T5144] cp210x 3-1:0.3: device disconnected
[  674.202136][T14567] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  674.596179][ T5141] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  674.787770][ T5141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  674.823002][ T5141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  674.866653][ T5141] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  674.899622][ T5141] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  674.921710][ T5141] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  674.944662][ T5141] usb 5-1: config 0 descriptor??
[  674.960898][T14571] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  675.653377][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.661577][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.674550][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.682757][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.693507][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.704387][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.718025][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.731776][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.759402][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.798820][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.830574][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.852191][T14571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  675.869945][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.885244][T14571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  675.906213][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.913680][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.934498][ T5141] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  675.945236][ T5141] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  675.962582][ T5141] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  676.146199][ T5146] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  676.358019][ T5146] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  676.390551][ T5146] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  676.422151][ T5146] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  676.457286][ T5146] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  676.587436][ T5146] usb 2-1: config 0 descriptor??
[  676.994018][T14592] loop2: detected capacity change from 0 to 131072
[  677.002290][T14592] F2FS-fs (loop2): Segment count (31) mismatch with total segments from devices (0)
[  677.011810][T14592] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  677.022559][T14592] F2FS-fs (loop2): invalid crc value
[  677.039226][T14603] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  677.101843][T14592] F2FS-fs (loop2): Found nat_bits in checkpoint
[  677.154838][T14589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  677.219053][T14592] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  677.224728][T14589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  677.226885][T14592] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  677.244613][ T5141] usb 5-1: USB disconnect, device number 53
[  677.247015][T14592] F2FS-fs (loop2): checksum invalid, nid = 4, ino_of_node = 4, efdbe231 vs. 15bb5891
[  677.262567][T14592] F2FS-fs (loop2): checksum invalid, nid = 4, ino_of_node = 4, efdbe231 vs. 15bb5891
[  677.303286][ T5146] prodikeys 0003:041E:2801.000F: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.1-1/input0
[  677.480226][ T5144] usb 2-1: USB disconnect, device number 34
[  678.596195][ T5146] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  678.689954][T14612] loop4: detected capacity change from 0 to 32768
[  678.729539][T14612] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  678.788095][ T5146] usb 4-1: config 0 has an invalid interface number: 3 but max is 0
[  678.799400][ T5146] usb 4-1: config 0 has no interface number 0
[  678.808476][ T5146] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  678.818027][ T5146] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  678.842512][ T5146] usb 4-1: config 0 descriptor??
[  678.852825][ T5146] cp210x 4-1:0.3: cp210x converter detected
[  678.861704][T14612] XFS (loop4): Ending clean mount
[  678.889309][T14612] XFS (loop4): Quotacheck needed: Please wait.
[  678.918527][T14612] XFS (loop4): Quotacheck: Done.
[  679.859196][ T6861] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  680.006197][    T9] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  680.221307][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  680.260844][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  680.290013][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  680.326272][    T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  680.349869][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  680.372620][    T9] usb 2-1: config 0 descriptor??
[  680.388406][T14642] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  680.571245][    C0] eth0: bad gso: type: 1, size: 1408
[  680.638856][T14656] loop4: detected capacity change from 0 to 1024
[  680.675695][T14656] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  680.946150][ T5146] cp210x 4-1:0.3: failed to get vendor val 0x370b size 1: -71
[  680.959049][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  680.966832][ T5146] cp210x 4-1:0.3: querying part number failed
[  680.974702][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  680.982803][ T5146] usb 4-1: cp210x converter now attached to ttyUSB0
[  680.989532][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  680.999104][ T5146] usb 4-1: USB disconnect, device number 46
[  681.006116][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.013796][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.041888][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.126684][ T5146] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  681.136178][ T5146] cp210x 4-1:0.3: device disconnected
[  681.349649][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.382906][T14642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  681.483409][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.500107][T14642] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  681.530471][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.553268][ T6861] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  681.574766][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.606466][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.625087][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.647208][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.662569][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.690072][    T9] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  681.716871][    T9] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving
[  681.741439][    T9] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  682.008229][T14684] loop4: detected capacity change from 0 to 2048
[  682.104078][T14685] loop2: detected capacity change from 0 to 2048
[  682.143708][T14684] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  682.158599][T14684] ext4 filesystem being mounted at /396/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  682.203868][T14685] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  682.223704][T14685] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  682.264860][T14684] fs-verity (loop4, inode 13): ext4_end_enable_verity() failed with err -28
[  682.284469][    T9] usb 2-1: USB disconnect, device number 35
[  682.311388][T14685] fs-verity (loop2, inode 13): ext4_end_enable_verity() failed with err -28
[  682.402268][ T5097] Bluetooth: hci2: ACL packet for unknown connection handle 3016
[  682.529181][T14697] loop1: detected capacity change from 0 to 2048
[  682.577376][T14700] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  682.655069][   T29] audit: type=1804 audit(1721047632.534:157): pid=14697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2021" name="/newroot/132/file0/file2" dev="loop1" ino=16 res=1 errno=0
[  682.761396][ T6861] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  682.904058][T13053] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  682.954074][T14696] FAULT_INJECTION: forcing a failure.
[  682.954074][T14696] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  682.992419][T14696] CPU: 1 UID: 0 PID: 14696 Comm: syz.3.2022 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  683.002712][T14696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  683.012807][T14696] Call Trace:
[  683.016128][T14696]  <TASK>
[  683.019082][T14696]  dump_stack_lvl+0x241/0x360
[  683.023797][T14696]  ? __pfx_dump_stack_lvl+0x10/0x10
[  683.029037][T14696]  ? __pfx__printk+0x10/0x10
[  683.033656][T14696]  ? __pfx_lock_release+0x10/0x10
[  683.038887][T14696]  ? rcu_is_watching+0x15/0xb0
[  683.043689][T14696]  ? lock_release+0xbf/0xa30
[  683.048313][T14696]  should_fail_ex+0x3b0/0x4e0
[  683.053117][T14696]  _copy_from_user+0x2f/0xe0
[  683.057743][T14696]  copy_msghdr_from_user+0xae/0x680
[  683.062977][T14696]  ? _parse_integer_limit+0x1b5/0x200
[  683.068378][T14696]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  683.074222][T14696]  __sys_sendmmsg+0x374/0x740
[  683.078957][T14696]  ? __pfx___sys_sendmmsg+0x10/0x10
[  683.084186][T14696]  ? lock_release+0xbf/0xa30
[  683.088821][T14696]  ? rcu_is_watching+0x15/0xb0
[  683.093620][T14696]  ? lock_release+0xbf/0xa30
[  683.098233][T14696]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  683.103879][T14696]  ? bpf_lsm_file_permission+0x9/0x10
[  683.109265][T14696]  ? __pfx_lock_release+0x10/0x10
[  683.114298][T14696]  ? preempt_count_add+0x93/0x190
[  683.119323][T14696]  ? sb_end_write+0xe9/0x1c0
[  683.123912][T14696]  ? vfs_write+0x7c4/0xc90
[  683.128340][T14696]  ? __mutex_unlock_slowpath+0x21d/0x750
[  683.133977][T14696]  ? __pfx_vfs_write+0x10/0x10
[  683.138800][T14696]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  683.145141][T14696]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  683.151478][T14696]  ? rcu_is_watching+0x15/0xb0
[  683.156242][T14696]  __x64_sys_sendmmsg+0xa0/0xb0
[  683.161109][T14696]  do_syscall_64+0xf3/0x230
[  683.165621][T14696]  ? clear_bhb_loop+0x35/0x90
[  683.170304][T14696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  683.176208][T14696] RIP: 0033:0x7f1d6cf75bd9
[  683.180712][T14696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  683.200436][T14696] RSP: 002b:00007f1d6ddc0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  683.208871][T14696] RAX: ffffffffffffffda RBX: 00007f1d6d103f60 RCX: 00007f1d6cf75bd9
[  683.216849][T14696] RDX: 0000000000264e33 RSI: 0000000020005240 RDI: 0000000000000006
[  683.224822][T14696] RBP: 00007f1d6ddc00a0 R08: 0000000000000000 R09: 0000000000000000
[  683.232796][T14696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  683.240769][T14696] R13: 000000000000000b R14: 00007f1d6d103f60 R15: 00007ffdee084528
[  683.248767][T14696]  </TASK>
[  683.373210][T14713] 8021q: VLANs not supported on lo
[  684.050145][T14720] loop4: detected capacity change from 0 to 16
[  684.104906][T14720] erofs: (device loop4): mounted with root inode @ nid 36.
[  684.302923][T14711] loop2: detected capacity change from 0 to 32768
[  684.315523][T14727] loop1: detected capacity change from 0 to 2048
[  684.361793][T14711] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  684.407059][T14727] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  684.428158][T14727] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  684.448267][ T5141] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  684.474941][T14711] XFS (loop2): Ending clean mount
[  684.498374][T14727] fs-verity (loop1, inode 13): ext4_end_enable_verity() failed with err -28
[  684.634093][ T5144] XFS (loop2): Metadata CRC error detected at xfs_allocbt_read_verify+0x41/0xd0, xfs_bnobt block 0x4 
[  684.645662][ T5144] XFS (loop2): Unmount and run xfs_repair
[  684.656237][ T5141] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  684.668635][ T5144] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  684.679941][ T5141] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  684.693583][ T5144] 00000000: 41 42 33 42 00 00 00 03 ff ff ff ff ff ff ff ff  AB3B............
[  684.713471][ T5141] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  684.728309][ T5144] 00000010: 00 00 00 00 00 00 00 04 00 00 00 01 00 00 00 10  ................
[  684.753892][ T5144] 00000020: ed 37 bf 6e 74 ea 4e 01 f8 ba 5f ee 27 4b 0f 3a  .7.nt.N..._.'K.:
[  684.765909][ T5141] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  684.788024][ T5144] 00000030: 00 00 00 00 f6 3b 25 b5 00 00 00 07 00 00 00 01  .....;%.........
[  684.800493][ T5141] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  684.815466][ T5144] 00000040: 00 00 0b fe 00 00 00 02 00 00 0c 20 00 00 13 e0  ........... ....
[  684.835847][ T5144] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  684.845793][ T5141] usb 1-1: config 0 descriptor??
[  684.856181][T14722] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  684.872852][ T5144] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  684.886649][ T5144] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  684.895756][T14740] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x4 len 4 error 74
[  684.914622][T14740] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xad0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[  684.941934][T14740] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  684.996482][T13053] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  685.018337][T12137] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  685.308157][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.334209][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.344043][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.360436][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.375395][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.395293][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.395328][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.427269][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.445308][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.455923][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.495527][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.518676][T14722] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  685.536262][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.562458][T14722] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  685.572825][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.616182][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.651809][ T5141] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  685.676965][ T5141] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving
[  685.700268][T14754] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2038'.
[  685.710496][ T5141] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  685.984488][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  685.990936][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  686.070428][T14754] loop1: detected capacity change from 0 to 40427
[  686.080957][T14754] F2FS-fs (loop1): Invalid log sectors per block(3) log sectorsize(10)
[  686.089599][T14754] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  686.135392][T14754] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241045589454292453)
[  686.220841][T14754] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  686.228075][T14754] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  686.519545][ T5144] usb 1-1: USB disconnect, device number 62
[  686.637948][T14768] validate_nla: 2 callbacks suppressed
[  686.637971][T14768] netlink: 'syz.0.2042': attribute type 8 has an invalid length.
[  686.683336][   T29] audit: type=1326 audit(1721047636.564:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14767 comm="syz.0.2042" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb92975bd9 code=0x0
[  687.275137][T14776] 8021q: VLANs not supported on lo
[  687.472832][T14780] loop4: detected capacity change from 0 to 2048
[  687.587961][T14780] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  687.603203][T14780] ext4 filesystem being mounted at /401/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  687.640121][T14780] fs-verity (loop4, inode 13): ext4_end_enable_verity() failed with err -28
[  687.725446][T14791] loop2: detected capacity change from 0 to 16
[  687.734524][T14791] erofs: (device loop2): mounted with root inode @ nid 36.
[  688.126200][    T9] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  688.234787][T14802] cifs: Unknown parameter '�[���b����IT�&��:���"����1:���ӭ'�4,�Zz-#F�<��]%gC��
[  688.234787][T14802] S�Ș�ȞZ�6��'
[  688.615523][ T5144] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  688.701112][ T6861] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  688.808771][ T5144] usb 1-1: Using ep0 maxpacket: 16
[  688.817764][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  688.840536][ T5144] usb 1-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.09
[  688.851917][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  688.860601][ T5144] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.896179][ T5144] usb 1-1: Product: syz
[  688.900425][ T5144] usb 1-1: Manufacturer: syz
[  688.901892][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  688.915351][ T5144] usb 1-1: SerialNumber: syz
[  688.930931][ T5144] usb 1-1: config 0 descriptor??
[  688.937513][    T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  688.967242][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  688.976028][T14795] loop1: detected capacity change from 0 to 32768
[  688.988765][    T9] usb 4-1: config 0 descriptor??
[  688.993929][T14795] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2051 (14795)
[  689.008001][T14798] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  689.021297][T14795] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  689.031883][T14795] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  689.040803][T14795] BTRFS error (device loop1): cannot disable free-space-tree
[  689.055703][T14795] BTRFS error (device loop1): open_ctree failed
[  689.435078][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.457949][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.485377][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.508631][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.818021][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.825672][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.833220][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.840745][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.848415][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.855919][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.866971][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.874498][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.886025][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.902337][T14798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  689.924945][T14798] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  689.926589][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  689.992711][    T9] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  690.003177][ T5100] Bluetooth: hci5: sending frame failed (-49)
[  690.009354][ T5097] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  690.018595][T14817] FAULT_INJECTION: forcing a failure.
[  690.018595][T14817] name failslab, interval 1, probability 0, space 0, times 0
[  690.019417][    T9] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[  690.040118][T14817] CPU: 1 UID: 0 PID: 14817 Comm: syz.4.2056 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  690.043188][    T9] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  690.050369][T14817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  690.050387][T14817] Call Trace:
[  690.050398][T14817]  <TASK>
[  690.050408][T14817]  dump_stack_lvl+0x241/0x360
[  690.050449][T14817]  ? __pfx_dump_stack_lvl+0x10/0x10
[  690.088812][T14817]  ? __pfx__printk+0x10/0x10
[  690.093444][T14817]  ? __pfx___might_resched+0x10/0x10
[  690.098763][T14817]  should_fail_ex+0x3b0/0x4e0
[  690.103482][T14817]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  690.109234][T14817]  should_failslab+0xac/0x100
[  690.113962][T14817]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  690.119711][T14817]  __kmalloc_noprof+0xd8/0x400
[  690.124504][T14817]  ? kfree+0x4e/0x360
[  690.128519][T14817]  tomoyo_realpath_from_path+0xcf/0x5e0
[  690.134108][T14817]  tomoyo_path_number_perm+0x23a/0x880
[  690.139683][T14817]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  690.145350][T14817]  ? bpf_lsm_file_permission+0x9/0x10
[  690.150746][T14817]  ? tomoyo_path_number_perm+0x208/0x880
[  690.156406][T14817]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  690.162415][T14817]  ? rcu_is_watching+0x15/0xb0
[  690.167204][T14817]  ? __pfx_lock_acquire+0x10/0x10
[  690.172294][T14817]  ? fput+0x193/0x210
[  690.176393][T14817]  ? __fget_files+0x29/0x470
[  690.181009][T14817]  ? __fget_files+0x3f6/0x470
[  690.185721][T14817]  ? __fget_files+0x29/0x470
[  690.190335][T14817]  security_file_ioctl+0x75/0xb0
[  690.195302][T14817]  __se_sys_ioctl+0x47/0x170
[  690.199936][T14817]  do_syscall_64+0xf3/0x230
[  690.204472][T14817]  ? clear_bhb_loop+0x35/0x90
[  690.209174][T14817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  690.215176][T14817] RIP: 0033:0x7f8899d75bd9
[  690.219610][T14817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  690.239430][T14817] RSP: 002b:00007f889aabc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  690.247873][T14817] RAX: ffffffffffffffda RBX: 00007f8899f04038 RCX: 00007f8899d75bd9
[  690.255867][T14817] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000007
[  690.263872][T14817] RBP: 00007f889aabc0a0 R08: 0000000000000000 R09: 0000000000000000
[  690.271870][T14817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  690.279864][T14817] R13: 000000000000006e R14: 00007f8899f04038 R15: 00007ffdd9eb9c58
[  690.287882][T14817]  </TASK>
[  690.290997][    C1] vkms_vblank_simulate: vblank timer overrun
[  690.389686][T14817] ERROR: Out of memory at tomoyo_realpath_from_path.
[  690.626421][T14821] FAULT_INJECTION: forcing a failure.
[  690.626421][T14821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  690.902995][T14821] CPU: 0 UID: 0 PID: 14821 Comm: syz.2.2057 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  690.913306][T14821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  690.923475][T14821] Call Trace:
[  690.926775][T14821]  <TASK>
[  690.929722][T14821]  dump_stack_lvl+0x241/0x360
[  690.934432][T14821]  ? __pfx_dump_stack_lvl+0x10/0x10
[  690.939788][T14821]  ? __pfx__printk+0x10/0x10
[  690.944410][T14821]  ? __pfx_lock_release+0x10/0x10
[  690.949463][T14821]  ? rcu_is_watching+0x15/0xb0
[  690.954245][T14821]  ? lock_release+0xbf/0xa30
[  690.958872][T14821]  should_fail_ex+0x3b0/0x4e0
[  690.963598][T14821]  _copy_from_user+0x2f/0xe0
[  690.968218][T14821]  copy_msghdr_from_user+0xae/0x680
[  690.973458][T14821]  ? __pfx_lock_acquire+0x10/0x10
[  690.976359][   T25] usb 1-1: USB disconnect, device number 63
[  690.978595][T14821]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  690.990318][T14821]  __sys_sendmsg+0x23d/0x3a0
[  690.994938][T14821]  ? __pfx___sys_sendmsg+0x10/0x10
[  691.000082][T14821]  ? vfs_write+0x7c4/0xc90
[  691.004553][T14821]  ? fput+0x193/0x210
[  691.008576][T14821]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  691.014945][T14821]  ? rcu_is_watching+0x15/0xb0
[  691.019739][T14821]  ? rcu_is_watching+0x15/0xb0
[  691.024532][T14821]  do_syscall_64+0xf3/0x230
[  691.029084][T14821]  ? clear_bhb_loop+0x35/0x90
[  691.033886][T14821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.040073][T14821] RIP: 0033:0x7fea7ef75bd9
[  691.044515][T14821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  691.064140][T14821] RSP: 002b:00007fea7fd77048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  691.072596][T14821] RAX: ffffffffffffffda RBX: 00007fea7f103f60 RCX: 00007fea7ef75bd9
[  691.080577][T14821] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  691.088565][T14821] RBP: 00007fea7fd770a0 R08: 0000000000000000 R09: 0000000000000000
[  691.096564][T14821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  691.104560][T14821] R13: 000000000000000b R14: 00007fea7f103f60 R15: 00007ffd1ae506d8
[  691.112550][T14821]  </TASK>
[  691.319058][    T9] usb 4-1: USB disconnect, device number 47
[  691.393769][T14841] 8021q: VLANs not supported on lo
[  692.240340][T14851] loop2: detected capacity change from 0 to 16
[  692.247828][T14852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2064'.
[  692.326498][T14851] erofs: (device loop2): mounted with root inode @ nid 36.
[  693.923888][T14862] loop4: detected capacity change from 0 to 32768
[  693.949058][T14862] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2071 (14862)
[  694.019226][T14862] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  694.044011][T14862] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  694.075193][T14862] BTRFS error (device loop4): cannot disable free-space-tree
[  694.102060][T14862] BTRFS error (device loop4): open_ctree failed
[  695.900745][T14907] loop1: detected capacity change from 0 to 256
[  696.934786][T14928] bond_slave_0: entered promiscuous mode
[  696.940572][T14928] bond_slave_1: entered promiscuous mode
[  696.969036][T14928] vlan2: entered promiscuous mode
[  696.975226][T14932] Driver unsupported XDP return value 0 on prog  (id 546) dev N/A, expect packet loss!
[  696.986323][T14928] bond0: entered promiscuous mode
[  697.185443][T14941] netlink: 'syz.3.2100': attribute type 2 has an invalid length.
[  697.186494][ T5100] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  697.206318][T14941] netlink: 160 bytes leftover after parsing attributes in process `syz.3.2100'.
[  697.206385][ T5100] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  697.222944][ T5100] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  697.233455][ T5100] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  697.243022][ T5100] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  697.250527][ T5100] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  697.294729][T14946] netlink: 'syz.3.2102': attribute type 5 has an invalid length.
[  697.742564][T14942] chnl_net:caif_netlink_parms(): no params data found
[  697.843275][T14936] loop2: detected capacity change from 0 to 32768
[  697.861461][T14936] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2099 (14936)
[  697.879383][T14936] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  697.905531][T14936] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  697.931658][T14942] bridge0: port 1(bridge_slave_0) entered blocking state
[  697.945763][T14936] BTRFS error (device loop2): cannot disable free-space-tree
[  697.954858][T14942] bridge0: port 1(bridge_slave_0) entered disabled state
[  697.967022][T14936] BTRFS error (device loop2): open_ctree failed
[  697.973700][T14942] bridge_slave_0: entered allmulticast mode
[  697.990378][   T88] ==================================================================
[  697.998672][   T88] BUG: KASAN: null-ptr-deref in drop_buffers+0x6f/0x710
[  698.005640][   T88] Read of size 4 at addr 0000000000000060 by task kswapd0/88
[  698.006289][T14942] bridge_slave_0: entered promiscuous mode
[  698.013019][   T88] 
[  698.013029][   T88] CPU: 0 UID: 0 PID: 88 Comm: kswapd0 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  698.030943][   T88] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  698.041032][   T88] Call Trace:
[  698.044313][   T88]  <TASK>
[  698.047260][   T88]  dump_stack_lvl+0x241/0x360
[  698.051955][   T88]  ? __pfx_dump_stack_lvl+0x10/0x10
[  698.057190][   T88]  ? __pfx__printk+0x10/0x10
[  698.061790][   T88]  ? _printk+0xd5/0x120
[  698.065956][   T88]  print_report+0xe8/0x550
[  698.070387][   T88]  ? __virt_addr_valid+0x58/0x530
[  698.075411][   T88]  ? drop_buffers+0x6f/0x710
[  698.080004][   T88]  kasan_report+0x143/0x180
[  698.084535][   T88]  ? drop_buffers+0x6f/0x710
[  698.089133][   T88]  kasan_check_range+0x282/0x290
[  698.094100][   T88]  drop_buffers+0x6f/0x710
[  698.098530][   T88]  try_to_free_buffers+0x295/0x5f0
[  698.103647][   T88]  ? __pfx___might_resched+0x10/0x10
[  698.108939][   T88]  ? __count_memcg_events+0x190/0x2a0
[  698.114343][   T88]  ? __pfx_try_to_free_buffers+0x10/0x10
[  698.120000][   T88]  ? filemap_release_folio+0x2ba/0x4b0
[  698.125464][   T88]  shrink_folio_list+0x26c2/0x8c90
[  698.130597][   T88]  ? __pfx_shrink_folio_list+0x10/0x10
[  698.136067][   T88]  ? lock_release+0xbf/0xa30
[  698.140681][   T88]  ? __pfx_lock_acquire+0x10/0x10
[  698.145729][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.150497][   T88]  ? lock_release+0xbf/0xa30
[  698.155104][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.159880][   T88]  ? cgroup_rstat_updated+0x13b/0xc60
[  698.166657][   T88]  ? __switch_to+0xe94/0x1c30
[  698.171341][   T88]  ? __pfx_cgroup_rstat_updated+0x10/0x10
[  698.177155][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.181968][   T88]  ? memcg_rstat_updated+0x7b/0x2f0
[  698.187193][   T88]  ? __mod_memcg_lruvec_state+0x2af/0x3b0
[  698.193040][   T88]  ? memcg_rstat_updated+0x7b/0x2f0
[  698.198255][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.203027][   T88]  evict_folios+0x5323/0x78c0
[  698.207741][   T88]  ? __pfx_evict_folios+0x10/0x10
[  698.212776][   T88]  ? __pfx_lock_release+0x10/0x10
[  698.217809][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.222582][   T88]  ? lock_release+0xbf/0xa30
[  698.227179][   T88]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  698.233613][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.238383][   T88]  ? mem_cgroup_get_nr_swap_pages+0x28/0x110
[  698.244372][   T88]  ? get_swappiness+0x380/0x3e0
[  698.249253][   T88]  try_to_shrink_lruvec+0x9ab/0xbb0
[  698.254475][   T88]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[  698.260209][   T88]  ? page_counter_calculate_protection+0x18e/0x3e0
[  698.266722][   T88]  ? __pfx_lock_release+0x10/0x10
[  698.271776][   T88]  shrink_one+0x3cc/0x880
[  698.276135][   T88]  ? shrink_node+0x3727/0x4160
[  698.280916][   T88]  shrink_node+0x3979/0x4160
[  698.285525][   T88]  ? shrink_node+0x3727/0x4160
[  698.290307][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.295091][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.299905][   T88]  ? lock_acquire+0xe3/0x550
[  698.304519][   T88]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  698.310943][   T88]  ? __pfx_lock_acquire+0x10/0x10
[  698.315976][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.320742][   T88]  ? __pfx_shrink_node+0x10/0x10
[  698.325734][   T88]  ? psi_memstall_enter+0x280/0x320
[  698.330943][   T88]  ? __pfx_psi_memstall_enter+0x10/0x10
[  698.336521][   T88]  kswapd+0x17ce/0x3640
[  698.340715][   T88]  ? kswapd+0xbae/0x3640
[  698.344976][   T88]  ? __pfx_kswapd+0x10/0x10
[  698.349489][   T88]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  698.355479][   T88]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  698.361820][   T88]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  698.368158][   T88]  ? __pfx_autoremove_wake_function+0x10/0x10
[  698.374247][   T88]  ? __kthread_parkme+0x169/0x1d0
[  698.379284][   T88]  ? __pfx_kswapd+0x10/0x10
[  698.383793][   T88]  kthread+0x2f0/0x390
[  698.387872][   T88]  ? __pfx_kswapd+0x10/0x10
[  698.392381][   T88]  ? __pfx_kthread+0x10/0x10
[  698.397064][   T88]  ret_from_fork+0x4b/0x80
[  698.401584][   T88]  ? __pfx_kthread+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  698.406198][   T88]  ret_from_fork_asm+0x1a/0x30
[  698.410990][   T88]  </TASK>
[  698.414010][   T88] ==================================================================
[  698.530603][   T88] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  698.537864][   T88] CPU: 0 UID: 0 PID: 88 Comm: kswapd0 Not tainted 6.10.0-rc7-next-20240712-syzkaller #0
[  698.547608][   T88] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  698.558033][   T88] Call Trace:
[  698.561333][   T88]  <TASK>
[  698.564282][   T88]  dump_stack_lvl+0x241/0x360
[  698.569000][   T88]  ? __pfx_dump_stack_lvl+0x10/0x10
[  698.574230][   T88]  ? __pfx__printk+0x10/0x10
[  698.578855][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.583643][   T88]  ? vscnprintf+0x5d/0x90
[  698.588023][   T88]  panic+0x349/0x870
[  698.591995][   T88]  ? check_panic_on_warn+0x21/0xb0
[  698.597337][   T88]  ? __pfx_panic+0x10/0x10
[  698.601806][   T88]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  698.607833][   T88]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  698.614189][   T88]  ? print_report+0xe8/0x550
[  698.618811][   T88]  check_panic_on_warn+0x86/0xb0
[  698.623806][   T88]  ? drop_buffers+0x6f/0x710
[  698.628421][   T88]  end_report+0x77/0x160
[  698.632692][   T88]  kasan_report+0x154/0x180
[  698.637219][   T88]  ? drop_buffers+0x6f/0x710
[  698.641846][   T88]  kasan_check_range+0x282/0x290
[  698.646816][   T88]  drop_buffers+0x6f/0x710
[  698.651265][   T88]  try_to_free_buffers+0x295/0x5f0
[  698.656404][   T88]  ? __pfx___might_resched+0x10/0x10
[  698.661725][   T88]  ? __count_memcg_events+0x190/0x2a0
[  698.667137][   T88]  ? __pfx_try_to_free_buffers+0x10/0x10
[  698.672799][   T88]  ? filemap_release_folio+0x2ba/0x4b0
[  698.678286][   T88]  shrink_folio_list+0x26c2/0x8c90
[  698.683440][   T88]  ? __pfx_shrink_folio_list+0x10/0x10
[  698.688916][   T88]  ? lock_release+0xbf/0xa30
[  698.693525][   T88]  ? __pfx_lock_acquire+0x10/0x10
[  698.698565][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.703342][   T88]  ? lock_release+0xbf/0xa30
[  698.707952][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.712725][   T88]  ? cgroup_rstat_updated+0x13b/0xc60
[  698.718125][   T88]  ? __switch_to+0xe94/0x1c30
[  698.722821][   T88]  ? __pfx_cgroup_rstat_updated+0x10/0x10
[  698.728557][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.733338][   T88]  ? memcg_rstat_updated+0x7b/0x2f0
[  698.738572][   T88]  ? __mod_memcg_lruvec_state+0x2af/0x3b0
[  698.744345][   T88]  ? memcg_rstat_updated+0x7b/0x2f0
[  698.749577][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.754377][   T88]  evict_folios+0x5323/0x78c0
[  698.759340][   T88]  ? __pfx_evict_folios+0x10/0x10
[  698.764418][   T88]  ? __pfx_lock_release+0x10/0x10
[  698.769463][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.774247][   T88]  ? lock_release+0xbf/0xa30
[  698.778926][   T88]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  698.785277][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.790054][   T88]  ? mem_cgroup_get_nr_swap_pages+0x28/0x110
[  698.796070][   T88]  ? get_swappiness+0x380/0x3e0
[  698.800940][   T88]  try_to_shrink_lruvec+0x9ab/0xbb0
[  698.806166][   T88]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[  698.811898][   T88]  ? page_counter_calculate_protection+0x18e/0x3e0
[  698.818414][   T88]  ? __pfx_lock_release+0x10/0x10
[  698.823461][   T88]  shrink_one+0x3cc/0x880
[  698.827831][   T88]  ? shrink_node+0x3727/0x4160
[  698.832624][   T88]  shrink_node+0x3979/0x4160
[  698.837238][   T88]  ? shrink_node+0x3727/0x4160
[  698.842022][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.846795][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.851675][   T88]  ? lock_acquire+0xe3/0x550
[  698.856293][   T88]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  698.862637][   T88]  ? __pfx_lock_acquire+0x10/0x10
[  698.867681][   T88]  ? rcu_is_watching+0x15/0xb0
[  698.872544][   T88]  ? __pfx_shrink_node+0x10/0x10
[  698.877495][   T88]  ? psi_memstall_enter+0x280/0x320
[  698.882708][   T88]  ? __pfx_psi_memstall_enter+0x10/0x10
[  698.888283][   T88]  kswapd+0x17ce/0x3640
[  698.892463][   T88]  ? kswapd+0xbae/0x3640
[  698.896725][   T88]  ? __pfx_kswapd+0x10/0x10
[  698.901249][   T88]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  698.907237][   T88]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  698.913595][   T88]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  698.919934][   T88]  ? __pfx_autoremove_wake_function+0x10/0x10
[  698.926011][   T88]  ? __kthread_parkme+0x169/0x1d0
[  698.931062][   T88]  ? __pfx_kswapd+0x10/0x10
[  698.935586][   T88]  kthread+0x2f0/0x390
[  698.939662][   T88]  ? __pfx_kswapd+0x10/0x10
[  698.944168][   T88]  ? __pfx_kthread+0x10/0x10
[  698.948756][   T88]  ret_from_fork+0x4b/0x80
[  698.953183][   T88]  ? __pfx_kthread+0x10/0x10
[  698.957775][   T88]  ret_from_fork_asm+0x1a/0x30
[  698.962556][   T88]  </TASK>
[  698.965897][   T88] Kernel Offset: disabled
[  698.970223][   T88] Rebooting in 86400 seconds..